ticket,summary,owner,component,_version,priority,severity,milestone,type,_status,workflow,_created,modified,_description,_reporter,Comments
39198,Customize: Apostrophes in custom CSS cause false positives for validation errors,,Customize,4.7,normal,normal,4.7.1,defect (bug),new,commit,2016-12-09T10:34:19Z,2016-12-10T04:43:46Z,"Good day,
I don't know if I'm writing in the correct section, so I apologize in advance.
I found a bug in WordPress 4.7.0 with the italian language installed.
When customizing a theme via the ""Additional CSS"" tool, an error is generated when saving the custom code.
I will attach a screenshot of this error.
In particular, in italian is translated the CSS comment section:
{{{
/*
You can add your own CSS here.
Click the help icon above to learn more.
*/
}}}
in this way:
{{{
/*
Puoi aggiungere qui il tuo CSS.
Per saperne di più fai clic sull'icona di aiuto qui sopra.
*/
}}}
As you can see, there is a single quote {{{ ' }}} in the CSS comment. The problem is that, when saving the custom CSS, WordPress generate the following error:
{{{
Your single quotes ' are uneven. Make sure there is a closing ' for every opening '.
}}}
At first I thought I had made a typing error, but the error is generated even when saving only that comment.
I know I can avoid this error not using the {{{ ' }}} in the CSS code, but I think ""normal"" users won't understand this, even because in italian the use of single quote is often necessary.
Maybe WordPress should not ""check"" the comment sections in order to check if single quotes are uneven. But this is only an opinion :D
However you can replicate this error installing WordPress in italian in localhost, customizing the default theme and editing the ""Additional CSS"" section (in italian ""CSS aggiuntivo"").
I hope that my report will be useful, and thank you very much for everything you do.
''Dan''",dan.sed,7
39219,Add `assertNotFalse` method to `WP_UnitTestCase`.,peterwilsoncc,Build/Test Tools,trunk,normal,normal,4.8,enhancement,assigned,has-patch,2016-12-10T02:55:09Z,2016-12-10T04:40:16Z,"The version of phpunit WP uses on older versions of PHP doesn't include the assertNotFalse method.
",peterwilsoncc,3
38903,Prevent `update_option()` from updating when the old and new values contain identical objects.,peterwilsoncc,General,2.0,normal,normal,4.8,defect (bug),assigned,has-patch,2016-11-22T12:12:51Z,2016-12-10T04:22:41Z,"When an object is included in an option, passing an unchanged value to `update_option` will trigger an UPDATE query.
Given the data below, the `meta_data` will have a different resource ID for the old and new values. `$value === $old_value` will always evaluate untrue and the database will be updated and the caches cleared.
{{{
array(2) {
[""url""]=>
string(85) ""http://src.wordpress-develop.dev/wp-content/uploads/2016/10/cropped-Blurry-Lights.jpg""
[""meta_data""]=>
object(stdClass)#370 (3) {
[""attachment_id""]=>
int(292)
[""height""]=>
int(708)
[""width""]=>
int(1260)
}
}
}}}
Followup from #38866, props due @bradyvercher for finding.",peterwilsoncc,9
38836,A current_page_parent CSS class is not added to relevant WP menu items if the query is for a custom post type single item,,Menus,4.6.1,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2016-11-17T00:05:51Z,2016-12-10T03:45:12Z,A {{{current_page_parent}}} CSS class doesn't get added to relevant post type archive menu items if the current query is for a custom post type single item.,henry.wright,3
38904,Add action hook in class-walker-nav-menu-edit.php,,Menus,4.7,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2016-11-22T12:28:40Z,2016-12-10T03:40:09Z,"The class-walker-nav-menu-edit.php is lack for a simple action hook that let authors add their own fields to the admin menu.
In the last week I found 4 different users complaining their plugins/themes are not compatible ( Ubermenu, Geotargeting Pro, Salient theme and another theme I can't remember) because every of them are replacing the whole walker.
The whole menu ecosystem could simple work by adding a hook ( patch added ) and makes totally sense.
We already have filters/actions for settings wp_setup_nav_menu_item , wp_update_nav_menu_item so I don't see a reason of why not having a hook to add the gui of this fields without modifying the whole walker.
Related to https://core.trac.wordpress.org/ticket/18584 but could solve lot of issues until that ticket from 5 years got solved and merged.",timersys,2
31218,nav-menu.js menu item added event,chriscct7,Menus,4.2,normal,trivial,Future Release,enhancement,reviewing,has-patch,2015-02-03T02:52:43Z,2016-12-10T03:06:42Z,"I am writing a plugin that adds a checkbox to each item in the admin Menu that is being edited. The checkbox is used to either bulk delete items in the menu or to insert a new one after it. Here is the plugin on github - [https://github.com/ryanwelcher/Bulk-Remove-Menu-Items]
Currently, I am overriding the addMenuToBottom() method in nav-menu.js to achieve the goal. I would love to see an event be triggered after the item is added. This seems like a much more efficient and elegant - not to mention less hacky - way of approaching this.
I have attached a patch with an initial approach that passes the markup of the item as a parameter. Any input is welcome.",welcher,20
39132,"WP 4.7, object-cache.php breaks the site if APC is not enabled in php",,Bootstrap/Load,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-07T03:18:43Z,2016-12-10T02:16:15Z,"'''This happens if PHP doesn't have APC enabled.'''
In wp-includes/object-cache.php: the code checks if APC is enabled, by checking the existence of the function 'apc_fetch'. If it isn't, then it sets $GLOBALS`['_wp_using_ext_object_cache']` to false, and manually adds a filter to $wp_filter`['all']` , like this:
{{{#!php
$GLOBALS['wp_filter']['all'][-100]['apc_not_actually_running'] = array( 'function' => 'apc_not_actually_running', 'accepted_args' => 0 );
}}}
Then, when _wp_call_all_hook() is called (this is in wp-includes/plugin.php), the code breaks.
This happens because it does this:
{{{#!php
$wp_filter['all']->do_all_hook( $args );
}}}
meaning, it expects $wp_filter`['all']` to be a WP_Hook object, but it is an array due to the override that happened in object-cache.php (mentioned above).
An ""solution"" for users would be to install and enable APC on php,
or comment the line that adds the filter as an array in object-cache.php (line 667 in the latest version). The real solution would be to add this filter using/via WP_Hook?
",innocuo,13
39047,Installer tries to create nonce before options table exists,,Upgrade/Install,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-04T15:53:23Z,2016-12-10T01:06:31Z,"When creating a new install via wp-admin/install.php the following errors occur:
WordPress database error: [Table '....wp_options' doesn't exist]
INSERT INTO `wp_options` (`option_name`, `option_value`, `autoload`) ....
WordPress database error: [Table '....wp_options' doesn't exist]
INSERT INTO `wp_options` (`option_name`, `option_value`, `autoload`) ....
This error occurs with the following conditions:
* wp-config.php created by user instead of installer
* all salts and keys in wp-config are identical
* database has not been installed
",nullvariable,8
39218,Customize: Harden validation of CSS syntax validity by utilizing tokenizer,,Customize,4.7,normal,normal,4.8,defect (bug),new,,2016-12-10T00:52:01Z,2016-12-10T00:52:01Z,"There is a [https://core.trac.wordpress.org/browser/tags/4.7/src/wp-includes/customize/class-wp-customize-custom-css-setting.php#L159 todo comment] in `WP_Customize_Custom_CSS::validate()` setting to implement this:
> There are cases where valid CSS can be incorrectly marked as invalid when strings or comments include balancing characters. To fix, CSS tokenization needs to be used.
The current approach to validating syntax via regular expressions is too naïve.
See #39198.",westonruter,
39134,Customize: custom CSS textarea is scrolled to top when pressing tab,westonruter,Customize,4.7,normal,normal,4.7.1,defect (bug),reopened,commit,2016-12-07T05:48:22Z,2016-12-10T00:44:14Z,"When there's enough CSS for a scrollbar on the textarea, it jumps to the top whenever you press the tab key. This is a very frustrating experience as a user; milestoning for 4.7.1 for investigation since it's introduced by a new 4.7 feature. See forthcoming screencast.",celloexpressions,13
39186,Bulk actions not correctly applied when selecting bulk actions in both the top and bottom bulk actions dropdowns,,Quick/Bulk Edit,4.7,normal,normal,4.8,defect (bug),new,needs-unit-tests,2016-12-08T14:48:44Z,2016-12-10T00:34:26Z,"In `WP_List_Table` objects, the bulk actions dropdown and ""Apply"" button is displayed twice: once below the table and once above the table. The `name` attribute of the bulk actions dropdown element is always set ""action"". This wouldn't be a problem if the top and bottom actions were two in different forms.
However, both dropdown elements are in the `posts-filter`-form. You can start to see the problem here. Two form elements both have the same name, which yields unexpected behaviour when trying to apply bulk actions.
Take the following use case, for example:
- Select some posts from the posts list in `/wp-admin/edit.php`.
- Select ""Edit"" from the bulk actions dropdown above the list table.
- Select ""Move to Trash"" from the dropdown below the list table.
- Click the apply button next to the dropdown on the bottom of the list table.
- The submit request is sent. You would expect the posts to be moved to the trash, but instead, nothing happens.
Screencast of bug: http://recordit.co/EjHAbw2KNr
The solution I see would rename the dropdowns for the top and bottom dropdowns (they already have different names) and name the ""Apply"" buttons. Then, when one of the buttons is pressed, execute the corresponding bulk action.
In any case, we shouldn't have any two form elements with the same name in a single form.",engelen,4
37371,Reduce reliance on randomness in tests,johnbillion*,Build/Test Tools,,normal,normal,Future Release,enhancement,accepted,,2016-07-14T21:57:23Z,2016-12-10T00:01:30Z,"39 of core's tests rely on `rand_str()` returning a different value each time it's called in order to pass. It's entirely possible that `rand_str()` could return an identical value twice, and therefore the test would randomly (ho ho) fail.
Let's remove all the unnecessary uses of `rand_str()`, where a fixed string would suffice. This will also shave off some milliseconds.",johnbillion,8
38716,Miscellaneous test suite improvements,,Build/Test Tools,,normal,normal,Future Release,task (blessed),new,,2016-11-08T22:10:12Z,2016-12-09T23:35:56Z,This is a tracking ticket for miscellaneous improvements to the test suite that don't warrant individual tickets.,johnbillion,7
33405,"Pagination - use of helip / ""..."" not logic in some cases",,Themes,4.2.4,lowest,trivial,Awaiting Review,enhancement,new,has-patch,2015-08-18T16:40:31Z,2016-12-09T23:22:20Z,"Hi there,
I believe there is some improvement potential in the logic of the pagination. The ""..."" indicator does not really serve its purpose, in case you have it only hiding one page link - see attached screenshot.
Would propose to change the function generating the pagination to only use it in case it at least covers 2 page links.",th23,2
14254,update_meta_cache fails; query too large?,,Cache API,2.9.2,normal,normal,Future Release,defect (bug),reopened,dev-feedback,2010-07-09T19:49:22Z,2016-12-09T23:08:50Z,"In the file meta.php, around line 183 in the 'update_meta_cache()' function, it tries to do a query but I noticed this can fail (ie. crash wordpress) if there are too many post id's in the query.
The function is being called from query_posts(), with 'posts_per_page' set to -1.
An example query that crashed it:
{{{
SELECT post_id, meta_key, meta_value FROM wp_postmeta WHERE post_id IN (1009,1006,989,933,902,860,859,858,857,793,838,837,836,827,825,310,780,777,776,775,774,773,770,763,760,759,758,757,728,756,755,754,753,752,751,750,748,746,
732,736,729,726,725,724,723,722,720,719,717,716,715,710,709,503,692,289,625,268,593,583,582,332,32,30,28,26,24,22)
}}}
Maybe there is some limit associated with queries of this type internal to wordpress, as this query works fine in phpMySql.
Apologies if this is already reported or irrelevant in 3.0!
",newpixel,12
39215,Support for string $args in wp_get_object_terms() broken in 4.7,,Taxonomy,4.7,normal,critical,4.7.1,defect (bug),new,has-patch,2016-12-09T20:16:02Z,2016-12-09T23:02:09Z,"It appears that `wp_get_object_terms()` no longer supports the string version of the `$args` parameter. Prior to WordPress 4.7 it used to support both string and array values, and there might be multiple plugins and themes that rely on this fact. It's also documented as `string|array` in the Codex.
After digging a bit I found that this regression has been introduced in [38667] which removed a lot of redundant code.",sstoqnov,6
38913,"Aggregation of contracted and not contracted verb forms (cannot, doesn't)?",,Text Changes,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-11-23T12:37:40Z,2016-12-09T22:52:06Z,"I count
18x `does not` vs. 5x `doesn't`
28x `cannot` vs. 4x `can not` vs. 1x `can't` (+ 1x in 'administration')
lots of `is not` vs 1x `isn't`
Do we want to combine them?
",Presskopp,1
39176,"Merge two similar ""terms"" strings in the REST API",,Taxonomy,,normal,normal,4.8,enhancement,new,commit,2016-12-08T02:26:34Z,2016-12-09T22:51:34Z,See the attached patch.,ramiy,2
39100,Customize: Edit shortcuts do not work if page hasn't been saved and published,westonruter,Customize,4.7,normal,normal,4.7.1,defect (bug),reviewing,commit,2016-12-06T04:07:27Z,2016-12-09T22:40:48Z,"This may not be possible to fix given the workflow, but it seemed like an issue.
In Twenty Seventeen:
1. Go to Customizer — Theme Options.
2. Make a new page (for a section).
3. Click on the edit icon for that new page/section.
4. Edit icon doesn’t do anything.
5. Click edit icon for existing page. That one works.
This makes some sense because the new page isn't saved and published yet, but it seems like the preview should still work with the page.
Reproduced by myself, @laurelfulford and @melchoyce.",davidakennedy,4
39103,Customize: menus aren't deleted,,Customize,4.7,normal,normal,4.7.1,defect (bug),new,commit,2016-12-06T05:46:27Z,2016-12-09T22:34:46Z,"In trunk, deleting a menu in the customizer appears to be successful. However, the next time you open or reload the customizer, any deleted menus reappear. This may cause larger issues with conflicting menu names, for example, because the menu seems to be deleted but actually isn't.",celloexpressions,4
39195,Undefined index: extension in class-wp-image-editor-imagick.php on line 152,,Media,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-09T02:01:14Z,2016-12-09T22:09:16Z,"This is a follow-up to #37608.
The '''EXACT SAME ERROR was just introduced with WordPress 4.7''' in class-wp-image-editor-imagick.php line 152 and is now generating notices all over my development instance when uploading images via a plugin I'm developing
{{{#!php
try {
$this->image = new Imagick();
$file_parts = pathinfo( $this->file );
$filename = $this->file;
if ( 'pdf' == strtolower( $file_parts['extension'] ) ) {
$filename = $this->pdf_setup();
}
}}}
The $info variable is created using PHP's very own pathinfo() like this:
{{{
$info = pathinfo( $this->file );
$dir = $info['dirname'];
$ext = $info['extension'];
}}}
According to PHP documentation, the extension index can be missing (not set) if the file does not have one.
http://php.net/manual/en/function.pathinfo.php
The code above will obviously generate a notice in such a scenario. An easy way around this is NOT to assume the ""extension"" index is present, for example like this:
{{{
$dir = pathinfo( $this->file, PATHINFO_DIRNAME );
$ext = pathinfo( $this->file, PATHINFO_EXTENSION );
}}}",JaworskiMatt,3
39211,is_page_template could return true on terms,swissspidy,"Posts, Post Types",4.7,normal,normal,4.7.1,defect (bug),assigned,needs-unit-tests,2016-12-09T16:18:01Z,2016-12-09T22:00:32Z,"Since this function no longer checks is_page(), the ID from get_queried_object_id will always be used to check the post template slug - this ID is not guaranteed to be a post ID. If that ID matches a Post ID with that page template it will return true even though that template is not being loaded. If that ID matches with any Post ID that does not have page template set it will most likely return true is_page_template() with no argument.",natereist,3
39210,switch_to_locale() unloads all plugin and theme translations,,I18N,4.7,normal,normal,Awaiting Review,defect (bug),new,,2016-12-09T16:07:08Z,2016-12-09T21:37:42Z,"When using switch_to_locale() in the backend, all translations loaded into the `$l10n` global will be unloaded, except for the default one. This makes plugin and theme translations unavailable after using switch_to_locale().
In the `load_translations` method of `WP_Locale_Switcher` there are two functions called right after each other for each of the currently loaded domains:
{{{#!php
unload_textdomain( $domain );
get_translations_for_domain( $domain );
}}}
`unload_textdomain` loads all unloaded functions into the `$l10n_unloaded` global. Later when `_load_textdomain_just_in_time()` is called in `get_translations_for_domain()`, all domains set in `$10n_unloaded` will be short-circuited in the following statement
{{{#!php
// Short-circuit if domain is 'default' which is reserved for core.
if ( 'default' === $domain || isset( $l10n_unloaded[ $domain ] ) ) {
return false;
}
}}}
This results in only the new translations for the domain `default` being loaded. All plugin and theme translations will be lost. But even when `|| isset( $l10n_unloaded[ $domain ]` is commented out, it doesn’t work, because WordPress then tries to load a language file from the `WP_LANG` folder, and not from either a theme or plugin directory.
In #26511 it was already mentioned by @rmccue that this might affect emails to be sent in the wrong language: https://core.trac.wordpress.org/ticket/26511#trac-change-8-1430202811399151.
I run into this problem when I want to send notification emails to subscribed email adresses whenever I publish a post.
= Test case =
I created a minimal theme with a translations for `en_EN` and `de_DE` that displays some debug output in the backend and the frontend.
Preparatory steps:
1. Set site language to German (de_DE).
2. Set admin user language to English (en_EN). If the language dropdown does not appear, temporarily set the site language to German so the translation is downloaded and then select the users language again.
3. Install the test theme.
Now an admin notice should appear in the backend that shows debug output. There are string translations saved before and after `switch_to_locale`. Whenever `Untranslated default string` shows up, then a translation couldn’t be loaded.
---
Now if this is not intended behavior, I don’t really know how I would approach fixing this.",gchtr,1
39214,Twenty Seventeen: Edit shortcut icons getting cut for mobile device preview in customizer,,Bundled Theme,4.7,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-12-09T19:38:25Z,2016-12-09T21:14:23Z,"When checking for device preview mode, the shortcut icons for Header image, Site title and tagline getting cut on left side for mobile preview.",umesh.nevase,3
39208,Additional CSS placeholder text inconsistent with help button placement,,Customize,4.7,normal,normal,Awaiting Review,defect (bug),new,close,2016-12-09T14:05:22Z,2016-12-09T21:11:35Z,"The placeholder text (comment) for additional CSS reads:
/* You can add your own CSS here. Click the help icon above to learn more. */
But the help button is actually placed '''below''' the textarea.",hvianna,6
39194,Invalid parameters in Custom CSS and Changeset queries,,Customize,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-09T01:26:35Z,2016-12-09T21:08:27Z,"The `update_term_meta_cache` parameter is passed to `WP_Query` in `wp_get_custom_css_post()` and `WP_Customize_Manager::find_changeset_post_id()`. As far as I can tell, `update_term_meta_cache` is allowed in only `WP_Term_Query` and isn't handled by `WP_Query`.
The attached patch would swap in `'update_post_term_cache' => false` and `'lazy_load_term_meta' => false` based on the inference that neither query is supposed to cause side-effects with terms or term meta.
(Side note: Two tests in `Tests_Query_MetaQuery` also pass `update_term_meta_cache` to `WP_Query`. I've attached a second patch for those, if a fix is warranted.)
",dlh,2
39216,PDFs with non-opaque alpha channels can result in previews with black backgrounds.,,Media,4.7,normal,normal,Awaiting Review,defect (bug),new,,2016-12-09T21:05:46Z,2016-12-09T21:05:46Z,"If a PDF has a non-opaque alpha channel it can result in a black background when rendering the preview. Attached is a real-world example and also a simple blank(ish) test pdf.
One way around this is to use the `Imagick::ALPHACHANNEL_REMOVE` mode of `setImageAlphaChannel()`, as in the attached patch, added as an extra `pdf_process()` method in view of #38832. The unittest requires the blank test pdf to be uploaded to the test data images directory.
The blank test pdf was generated using TCPDF (https://tcpdf.org):
{{{
#!php
AddPage();
$pdf->SetAlpha(0);
$pdf->Output( $dirname . '/test_alpha.pdf', 'F' );
}}}
",gitlost,
38411,Twenty Seventeen: Fatal error,,Bundled Theme,,low,normal,,defect (bug),reopened,,2016-10-20T12:09:05Z,2016-12-09T21:00:46Z,"There is a fatal error on front page.
Fatal error: Uncaught Error: Call to undefined function twentyseventeen_edit_link()
Screenshot: http://bsf.io/7rdnc
Note: After short debug found - function `twentyseventeen_is_frontpage()` called in file `\twentyseventeen\functions.php` - Line 116
But, Defined in file \twentyseventeen\inc\template-functions.php` - Line - 90
",swapnild,12
39184,Fatal error in child-theme customizer partials,,Customize,4.7,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-12-08T14:34:36Z,2016-12-09T20:59:14Z,"When calling wp_customize::selective_refresh::add_partial without '''render_callback''' attribute, like this:
{{{#!php
selective_refresh->add_partial( 'setting_name', array(
'selector' => '#object-id',
) );
}}}
No error is return, everything works well.
But, when a child theme is created, the customizer crashes with error:
{{{
Fatal error: Cannot unset string offsets in [...]/wp-includes/class-wp-customize-widgets.php on line 1077
}}}
Simply adding a dummy renderer as:
{{{#!php
selective_refresh->add_partial( 'setting_name', array(
'selector' => '#object-id',
'render_callback' => 'return_true',
) );
}}}
make it working every where.
Suggestions:
1. Making the '''render_callback''' attribute mandatory
2. Dealing with a default callback in child themes",bastho,3
39143,Follow up: Inline svg icons are not displaying when the page is viewed from Customizer's iframe on the initial load,,Customize,4.7,normal,normal,Future Release,defect (bug),new,,2016-12-07T12:46:09Z,2016-12-09T20:59:01Z,"This is a follow-up to #35824.
This behavior still happens, but only on the first load. After clicking on the links inside the iframe and going to other pages, the svg elements start working properly.
",johndoedoe,2
26601,Inappropriate content in headings on admin screens,joedolson*,Administration,3.8,normal,normal,4.8,task (blessed),accepted,has-patch,2013-12-13T11:57:56Z,2016-12-09T20:49:49Z,"At the top of the themes.php page there is a second level heading which contains the following:
* The text Themes
* The number of themes being shown
* The Add New link
* The Search installed themes input and label
So on an example page a screen reader voices ""Themes7 Add New Search Installed Themes"".
The use of headings is good for accessibility as it gives screen reader users a way of finding what they are looking for on a page. But in this case there is too much within the heading.
Suggested solution: Keep the word Themes within the heading and move the other elements outside the `

...

`
#a11y-headings",grahamarmfield,125
39125,Customize: Video Header YouTube field has issues when whitespace is inserted at beginning or end of URL,westonruter*,Customize,4.7,normal,normal,4.7.1,defect (bug),accepted,commit,2016-12-06T22:24:17Z,2016-12-09T20:40:13Z,"If the YouTube text field for video headers has white space at the beginning or end of the string, it causes issues. To reproduce:
1. Go to Header Media in the Customizer with Twenty Seventeen activated.
2. Insert a YouTube URL, with a space at the '''beginning''' of the string.
3. In the preview, a refresh happens, but the video isn't there. No errors are output as to why that might be.
4. Save & Publish.
5. On the front end, nothing is output.
The reverse:
1. Go to Header Media in the Customizer with Twenty Seventeen activated.
2. Insert a YouTube URL, with a space at the '''end''' of the string.
3. In the preview, a refresh happens, and a YouTube iframe is there, but the video errors out.
4. Save & Publish.
5. On the front end, a YouTube iframe is there, but the video errors out.
We should handle errors better in the Customizer for this type of thing, and potentially trim whitespace if it's not too aggressive.",davidakennedy,6
39175,Customizer assumes url is passed with replaceState and pushState,westonruter,Customize,trunk,normal,normal,4.7.1,defect (bug),reopened,commit,2016-12-08T02:17:40Z,2016-12-09T20:39:42Z,"According to the w3 spec on pushState and replaceState, the third argument `url` is optional.
In customize-preview.js, `injectUrlWithState( url )` assumes `url` is set, and may append query strings to an undefined `url`. If the javascript on the page uses `replaceState` without passing in the optional third `url` paramenter, this results in preview urls like: `https://example.com/undefined?customize_changeset_uuid=de92e920-e85f-41c3-ab0a-ed6713655aee`.
When provided an url like this, the end result will be the customizer preview displaying a 404 page. Unless, I assume, you have a page with the slug ""undefined"" or ""null"".
",Christian1012,11
39145,custom-background URL escaped,westonruter,Customize,4.7,normal,normal,4.7.1,defect (bug),reopened,commit,2016-12-07T13:45:53Z,2016-12-09T20:39:41Z,"In 4.7 the URL of a custom background-image (e.g. in TwentySixteen) added through the customizer is escaped (addslashed):
{{{
body.custom-background { background-image: url(""http:\/\/localhost\/wordpress\/wp-content\/uploads\/layerslider\/Full-width-demo-slider\/left.png"")
}}}
This at least [breaks Autoptimize of that CSS]https://wordpress.org/support/topic/incompatibility-with-wp-4-7-aggregate-inline-css/#post-8524535, but is likely to cause other problems as well.",futtta,11
39009,Customizer: the preview UI language should be the user language,westonruter,Customize,4.7,normal,normal,4.7.1,defect (bug),reopened,commit,2016-12-01T18:15:22Z,2016-12-09T20:38:37Z,"In WordPress 4.7 there are two languages (the site language and the user language) and any controls, text, messages, etc., that are part of the UI should be displayed in the user language, i.e. the one users choose for the admin interface.
By the way, the Customizer preview UI uses the site language. See the screenshots below, taken using these settings:
User language: Spanish
Site language: Deutsch
For example, the edit buttons title and aria label attributes should be in Spanish, as well as the ""Shift Click"" tooltip:
[[Image(https://cldup.com/DO36gZkytv.png)]]
[[Image(https://cldup.com/cKn5xdTHlA.png)]]",afercia,6
39128,"ERROR MESSAGE ""non existing changeset UUID""",,Customize,4.7,normal,normal,4.7.1,defect (bug),new,reporter-feedback,2016-12-07T00:12:58Z,2016-12-09T20:35:36Z,,RomainVB,14
39098,Customize: Clicking on child elements of preview links fails to abort navigation to non-previewable links,westonruter*,Customize,,normal,normal,4.7.1,defect (bug),accepted,has-patch,2016-12-06T03:05:52Z,2016-12-09T20:29:39Z,"In Twenty Seventeen, the social links nav menu has SVG elements as children of the nav menu item links. The `handleLinkClick` function that handles delegated clicks on `a` elements is currently checking if the `event.target` lacks an `href` attribute and if so, it short-circuits since it's not a link. But if the user clicks on a child element, then the `event.target` is not actually the `a` element but the clicked element. The logic for getting the link element needs to change as follows:
{{{#!diff
- link = $( event.target );
+ link = $( event.target ).closest( 'a' );
}}}",westonruter,2
21170,JavaScript actions and filters,adamsilverstein,General,3.4,normal,normal,Future Release,feature request,assigned,dev-feedback,2012-07-05T21:34:03Z,2016-12-09T20:24:48Z,"The concept of adding JavaScript actions and filters has been tossed around for some time. We've experimented with various configurations of actions in both the fullscreen and customizer APIs, and they've proven their utility enough to graduate them to a core feature in their own right.
----
I think that a good events API should satisfy these parameters:
1. '''Support jQuery-style dot namespacing''' to allow functions to be easily removed.
2. '''Should (likely) support priorities.''' While seemingly random numbers aren't fun to use, it allows plugins to cooperate without having to know of each other's existence. We can't expect plugin authors to rearrange the array of callbacks.
3. '''Should ''not'' force functions to have unique IDs.''' Anonymous functions are extremely common in JavaScript — forcing them to be named is contrary to the nature of the language.
4. '''Should be structured as a mixin.''' The global event loop should be an instance of the core Events object. Using a mixin will allow developers to easily create event loops for their own plugins (to prevent polluting the global namespace — think about large plugins, like bbPress). An events mixin will also enable developers to create more powerful abstractions, such as observable values, collections, and pretty much any structural JS object you can dream up.
5. '''Should allow the looping process to be overwritten.''' This will result in less code and added flexibility. The only difference between actions and filters is how they handle the callbacks object. There are other types of looping processes that could be beneficial in JS. One example would be returning false if any callback returns false, which could be used to stop a process, much like the native event.stopPropagation method.
----
'''Why not use custom jQuery events?'''
Custom jQuery events are great when we need to trigger actions on a DOM element. Triggering plain events on the body element (or any other hidden element) is not performant — every jQuery event normalizes an DOM Event object, which we then completely ignore.
'''Should we require jQuery to use the API?'''
I'm not sure. jQuery.Callbacks may be a helpful solution here, provided we can properly integrate priorities and namespacing. jQuery.Callbacks also only requires jQuery.each and jQuery.extend, so writing a shim that doesn't use the rest of jQuery would not be exceptionally difficult. Either way, switching between one and the other as we develop should not be exceptionally difficult.",koopersmith,72
39104,"Customize: starter content home menu item needs to be a link, not a page",,Customize,4.7,normal,major,4.7.1,defect (bug),new,commit,2016-12-06T05:51:57Z,2016-12-09T20:24:13Z,"Core menus use a custom link item for ""home"" rather than associating home with a static front page, when present. However, starter content provides a `page_home` item that insets the ""home"" page as an item in the starter menu.
Menus use a link for ""home"" because the page item will not always actually link home if the user changes the static front page option to be a different page or show the latest posts. This also means that core does not provide a starter-content menu item for ""home"" for themes that default to showing latest posts on front. For these reasons, the `page_home` menu item in starter content should be ''replaced'' with `link_home` to avoid theme developers accidentally introducing this usability trap.
Presuming that this is delayed to 4.7.1, we probably shouldn't remove the `page_home` item entirely. Instead we can deprecate it ''and'' change it to be the link-type menu item that it should be. We'd also add a `link_home` item that has a `title` of ""Home"" and a `url` of the site url. Because `page_home` becomes an unfortunate deprecated item existing only for back compat and with an inaccurate name, Twenty Seventeen would need to be updated alongside 4.7.1 as it currently contains the only canonical example implementation of starter content and is likely to be directly copied.
'''Note that until this is changed, all users creating a new site with core starter content will end up with easily-broken ""home"" links in their menus.'''
",celloexpressions,5
39101,Customize: edit shortcuts for custom menu widgets do not work,sirbrillig,Customize,4.7,normal,normal,4.7.1,defect (bug),assigned,,2016-12-06T04:23:29Z,2016-12-09T20:06:37Z,"Custom menu widgets contain associated menu partials, which also get shortcuts. This has a few issues:
- There are two shortcut icons, one for the menu and one for the widget.
- The menu shortcut doesn't work. Menu partials look for the associated menu location control, but menus displayed via widgets are not in a menu location.
- Depending on the theme, if the widget does not have a title the menu shortcut will likely be displayed on top of the widget shortcut. Since the menu shortcut doesn't work and the widget shortcut is essentially hidden, the shortcuts appear broken and essentially do nothing (unless you navigate to the widget shortcut with the keyboard).
We should either prevent the menu within a custom menu widget from getting an edit shortcut, or hide that icon with CSS. The widget shortcut is more appropriate in that the widget is the ""location"" of the menu, and the widget control links to edit the menu similarly to the menu location controls.",celloexpressions,1
39205,Replace is_super_admin() check with current_user_can( 'upgrade_database' ),flixos90,Role/Capability,,normal,normal,4.8,enhancement,assigned,needs-unit-tests,2016-12-09T13:46:41Z,2016-12-09T19:56:42Z,This is part of the [https://core.trac.wordpress.org/ticket/37616#comment:26 #37616] task. There is an `is_super_admin()` check which needs to be replaced with `current_user_can( 'upgrade_database' )` in `wp-admin/includes/ms.php` (line 776),dhanendran,3
39207,Replace is_super_admin() check with current_user_can( 'manage_options' ) in wp-admin/options-general.php,flixos90,"Options, Meta APIs",,normal,normal,4.8,enhancement,reviewing,,2016-12-09T13:55:56Z,2016-12-09T19:53:59Z,This is part of the https://core.trac.wordpress.org/ticket/37616#comment:28 task. There is 1 is_super_admin() checks in wp-admin/options-general.php that should be replaced with current_user_can( 'manage_options' ).,Dhaval Parekh,3
39209,replace 1 check with current_user_can( 'manage_network' ) in wp-signup.php,flixos90,Role/Capability,,normal,normal,4.8,enhancement,assigned,,2016-12-09T15:32:54Z,2016-12-09T19:52:55Z,"replace 1 check with `current_user_can( 'manage_network' )` in `wp-signup.php`;
in addition, change the message string to `Greetings Network Administrator! The network currently allows “%s” registrations. To change or disable registration go to your Options page.` and the `$i18n['blog']` string to site to match current naming conventions",jignesh.nakrani,1
39199,Replace `is_super_admin()` checks with `manage_network` cap checks in wp-includes/option.php,flixos90,Role/Capability,,normal,normal,4.8,enhancement,assigned,dev-feedback,2016-12-09T12:16:51Z,2016-12-09T19:51:47Z,"This is part of the #37616 task. There are 2 is_super_admin() checks in wp-includes/option.php that should be replaced with current_user_can( 'manage_network' ).
See https://core.trac.wordpress.org/ticket/37616#comment:26",chandrapatel,4
39201,Replace current_user_can( 'manage_network_users' ) in wp-admin/includes/ajax-actions.php and wp-admin/user-new.php (line 228),flixos90,Role/Capability,,normal,normal,4.8,enhancement,assigned,has-patch,2016-12-09T13:08:59Z,2016-12-09T19:25:41Z,This is part of the #37616 task. There are 2 is_super_admin() checks in wp-includes/option.php that should be replaced with current_user_can( 'manage_network' ).,ashokkumar24,3
37840,Optimize full size images,,Media,,normal,normal,Future Release,enhancement,new,,2016-08-26T15:12:04Z,2016-12-09T19:09:34Z,"Many users upload unoptimized full size images to the media library, which can result in unnecessarily large downloads for users when the full size image is inserted in post content or when the full size image is added to `srcset` attributes.
We could potentially improve things by adding a new image size to WordPress that is an optimized version of the original image and use that on the front end instead of the original uploaded image.
Some considerations:
* We should not modify the original uploaded file.
* Consider potential server implications of adding an additional size.
* Can we determine if a file is already optimized so we don't end up increasing the file size in those cases?",joemcgill,10
38342,Quick Draft: Leverage REST API endpoints,joehoyle,Administration,,normal,normal,Future Release,enhancement,assigned,has-patch,2016-10-18T13:54:21Z,2016-12-09T19:05:19Z,"If the REST API content endpoints were in core, how would we rebuild core features (like Quick Draft) to use it? I am opening this ticket to track work on converting the Quick Draft feature to using the REST API.
The quick draft feature is a meta box on the Dashboard for creating draft posts:
[[Image(https://cl.ly/0l1n311M3T1e/Dashboard__WordPress_Dev__WordPress_2016-10-18_09-37-07.jpg)]]
Quick Draft currently uses a simple form to post to `post.php` and create a the draft. The goal of this ticket would be to switch this action to JavaScript and the REST API. In addition, we would switch the list of recent drafts below the form to load via the API and render dynamically as well as adding a progress indicator and confirmation/error message. Note that the form is already hidden if JavaScript isn't available.
Aaron Rutley has already coded a POC version here: https://github.com/AaronRutley/quick-rest-draft
",adamsilverstein,77
39150,Empty JSON Payload Causes rest_invalid_json,jnylen0*,REST API,4.7,normal,normal,4.7.1,defect (bug),accepted,has-patch,2016-12-07T15:55:28Z,2016-12-09T18:59:30Z,"The rest_invalid_json error was introduced in #38547 which is meant to detect defect json in body. However, if a empty body is used, this is marked as invalid as well.
There are scenarios where empty body are used especially when deleting an item.
For example calling a DELETE method on a custom endpoint like the below means deleting the ID 1 from the item resource. There is no need to pass in any unnecessary body content.
{{{
DELETE /wp-json/custom-endppint/item/1
}}}
",GamerZ,11
38977,REST API: `password` is incorrectly included in arguments to get a media item,,REST API,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-11-29T05:23:08Z,2016-12-09T18:21:53Z,"Media items in the API do not support passwords, so we need to check for the presence of `password` in the item schema before adding this argument.",jnylen0,9
39092,REST API: Add support for filename search in media endpoint,,REST API,4.7,normal,normal,4.7.1,enhancement,new,has-patch,2016-12-05T21:33:31Z,2016-12-09T18:21:53Z,"In [38625], the functionality to search for attachments by filename was added via the `_filter_query_attachment_filenames` function and exposed via the `query-attachments` AJAX action.
This applies the same filter function in the same manner in the REST API `/media` endpoint.
It was necessary to move `_filter_query_attachment_filenames` from `wp-admin/post.php` to `wp-includes/post.php` as the function did not exist in the context of a REST API call to that endpoint.
To test:
* Change the `Title` of an attachment to something other than a filename.
* Attempt to search for the filename via the `media?search=`... endpoint -- notice it doesn't surface the intended result
* Apply patch
* Repeat the search call -- it should surface the intended result",jblz,11
39213,Audit the network pages notices.,,Networks and Sites,,normal,normal,Awaiting Review,defect (bug),new,,2016-12-09T18:08:46Z,2016-12-09T18:09:29Z,"Some notices and messages in the network pages are printed out in simple paragraphs and don't make use of the WordPress notices styling. For example, in `my-sites.php`:
{{{
_e( 'You must be a member of at least one site to use this page.' )
}}}
There are probably a few ones across the network screens. For design consistency, they should all use a wrapper `

` element with the proper CSS classes `notice`, `notice-success`, `notice-error` etc. Also, the old CSS classes `updated` and `error` should be replaced with the new ones, where applicable.",afercia,
39204,Replace `is_super_admin()` check with `manage_network_users` cap check in wp-admin/users.php,flixos90,Role/Capability,,normal,normal,4.8,enhancement,reviewing,has-patch,2016-12-09T13:36:18Z,2016-12-09T17:32:52Z,"This is part of the #37616 task. There is 1 is_super_admin() check in wp-admin/users.php that should be replaced with `current_user_can( 'manage_network_users' )`.
See https://core.trac.wordpress.org/ticket/37616#comment:28",abhishek kaushik,3
37616,Replace `is_super_admin()` calls with real capability checks,,Role/Capability,,normal,normal,4.8,task (blessed),reviewing,,2016-08-09T18:18:57Z,2016-12-09T17:21:57Z,"As discussed in Multisite office hours (https://wordpress.slack.com/archives/core-multisite/p1470762377000454), there are plans to improve capability handling in WordPress, to also support network-wide (and possibly global) capabilities. The current `is_super_admin()` check system is no actual role- and capability-based system which makes it impractical to refine roles and capabilities on this level.
While a super admin should have access to all capabilities, we should get rid of all `is_super_admin()` checks that happen outside of `WP_User` and the `map_meta_cap()` function and replace those calls with dedicated capabilities. There might be a few other occurrences where `is_super_admin()` is actually the right choice, but generally it shouldn't be used in other locations anymore. This will open up new possibilities to think about how we can implement a true role- and capability-based system beyond the scope of a site.
The hardest part of this ticket will probably be finding names for the new capabilities. The good thing is that we most likely won't need to touch any roles or adjust `map_meta_cap()` since the new capabilities should only be granted to the super admin for now anyway.
We should probably create a list of occurrences and think about names for the capabilities (or whether we can use existing capabilities) first.",flixos90,43
39212,Replace is_super_admin() check with current_user_can( 'manage_network_users' ) in wp-admin/includes/ms.php,flixos90,Role/Capability,,normal,normal,4.8,enhancement,reviewing,has-patch,2016-12-09T16:30:14Z,2016-12-09T17:11:39Z,This is part of the #37616 task. There are 1 is_super_admin() checks in wp-admin/includes/ms.php that should be replaced with current_user_can( 'manage_network_users' ).,bhargavbhandari90,4
39082,Menu items in the My Sites -> Network Admin menu should use individual capability checks,,Toolbar,3.0,normal,normal,4.8,enhancement,new,has-patch,2016-12-04T21:58:34Z,2016-12-09T17:03:12Z,"The following menu items under `My Sites -> Network Admin` always appear if the user has the `manage_network` capability. They should use appropriate cap checks to determine whether or not to show each menu item.
* Sites (`manage_sites`)
* Users (`manage_network_users`)
* Themes (`manage_network_themes`)
* Plugins (`manage_network_plugins`)
* Settings (`manage_network_options`)
",johnbillion,4
39200,Replace `is_super_admin()` check with current_user_can( 'manage_network_options' ) in wp-admin/options.php,flixos90,Role/Capability,,normal,normal,4.8,enhancement,reviewing,has-patch,2016-12-09T12:56:37Z,2016-12-09T16:59:40Z,"This is part of the #37616 task. There are 2 is_super_admin() checks in wp-includes/option.php that should be replaced with current_user_can( 'manage_network' ).
See: https://core.trac.wordpress.org/ticket/37616#comment:26",sathyapulse,5
39206,Replace `is_super_admin()` with `current_user_can( 'manage_options' )` in wp-admin/network.php,flixos90,Role/Capability,,normal,normal,4.8,enhancement,reviewing,has-patch,2016-12-09T13:49:13Z,2016-12-09T16:39:14Z,This is part of the #37616 task. There is 1 `is_super_admin()` check in wp-admin/network.php that should be replaced with `current_user_can( 'manage_options' )`.,ashokkumar24,1
39202,Replace is_super_admin() checks with current_user_can( 'manage_network_users' ) in wp-admin/user-new.php (lines 40 and 316),flixos90,Role/Capability,,normal,normal,4.8,enhancement,reviewing,has-patch,2016-12-09T13:32:29Z,2016-12-09T16:11:15Z,This is part of the [https://core.trac.wordpress.org/ticket/37616#comment:26] task. There are 2 is_super_admin() checks with current_user_can( 'manage_network_users' ) in wp-admin/user-new.php (lines 40 and 316).,dhanendran,1
39153,Bug in wp_html_split with unclosed PHP tag (or HTML tag
[code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ]
checkstyle
[code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ]
(?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*))
[/code-highlight]
}}}
Here dump after this line
{{{
$textarr = wp_html_split( $content );
var_dump($textarr);
exit;
}}}
{{{
array(25) {
[0]=>
string(0) """"
[1]=>
string(3) ""

""
[24]=>
string(1) ""
""
}
}}}
As you can see one shortcode was not splitted, and here the problem. If php closing tag is present (?>)
than everything works fine.
Problematic regex provider
{{{#!php
is found.
. '-(?!->)' // Dash not followed by end of comment.
. '[^\-]*+' // Consume non-dashes.
. ')*+' // Loop possessively.
. '(?:-->)?'; // End of comment. If not found, match all input.
$cdata =
'!\[CDATA\[' // Start of comment, after the is found.
. '](?!]>)' // One ] not followed by end of comment.
. '[^\]]*+' // Consume non-].
. ')*+' // Loop possessively.
. '(?:]]>)?'; // End of comment. If not found, match all input.
$escaped =
'(?=' // Is the element escaped?
. '!--'
. '|'
. '!\[CDATA\['
. ')'
. '(?(?=!-)' // If yes, which type?
. $comments
. '|'
. $cdata
. ')';
$regex =
'/(' // Capture the entire match.
. ']*>?' // Find end of normal element.
. ')'
. ')/';
}
return $regex;
}
}}}
Without any doubts this case should be included in regex. ",crosp,2
38367,Adding Screencast.com as an oEmbed provider,ENDif Media,Embeds,,normal,normal,Future Release,enhancement,assigned,has-patch,2016-10-19T14:58:32Z,2016-12-09T15:07:03Z,"This ticket is a request to have Screencast.com added to the list of oEmbed providers.
Screencast.com is an image and video sharing site created by TechSmith Corporation. It has 2.2 million monthly active users and integrates with other TechSmith products like Snagit, Camtasia, and Jing.
Screencast oEmbed documentation can be found [https://github.com/TechSmith/screencast-developer-docs/blob/master/sections/oembed.md here]. The oEmbed API URL is https://api.screencast.com/external/oembed and is also available at http://www.screencast.com/api/external/oembed.
Example embeddable URLs:
1. !http://www.screencast.com/t/
* The hash is unique for each content page. All content has both a short and long URL (see below for the long format).
* E.g. http://www.screencast.com/t/pLPoObW9yNiV
2. !http://www.screencast.com/users//folders//media/
* The user's name, folder name, and media GUID are variable depending on who's content it is, what folder the user put it in, and what randomly assigned GUID the content got.
* E.g. http://www.screencast.com/users/PaulStanos/folders/WordPressTicket/media/e7ff355d-b94e-42be-a79d-221799417b1a",paulstanos,22
38815,Race conditions in Tests_Formatting_Date,,Build/Test Tools,,normal,normal,Future Release,defect (bug),new,has-patch,2016-11-16T12:48:43Z,2016-12-09T13:03:06Z,"Same as #38381 but for `Tests_Formatting_Date`.
Example: `Tests_Formatting_Date::test_get_gmt_from_date_string_date()` in https://travis-ci.org/aaronjorbin/develop.wordpress/jobs/176355621#L295",ocean90,1
39173,Unifying permission error messages in wp-includes/class-wp-customize-manager.php,,Customize,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-12-08T02:00:07Z,2016-12-09T11:27:47Z,Related: #34521,ramiy,2
39171,Merge similar translation strings - invalid post type,,"Posts, Post Types",4.7,normal,normal,4.8,enhancement,new,has-patch,2016-12-08T01:25:36Z,2016-12-09T11:14:04Z,See the attached patch.,ramiy,
39148,Clean up of concatenated dynamic hooks,,General,,normal,normal,4.8,enhancement,new,has-patch,2016-12-07T14:53:13Z,2016-12-09T11:12:10Z,"Cleaning up concatenated dynamic hooks as per the [https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#interpolation-for-naming-dynamic-hooks coding-standards]
Related: #38462 ",keesiemeijer,5
39197,Page not found error on posts in different alphabets,,General,,normal,normal,Awaiting Review,defect (bug),new,,2016-12-09T09:48:07Z,2016-12-09T09:48:07Z,"Hi,
I have a question about the new WP 4.7.
I noticed that the permalinks are not working well for languages that are using different alphabets (for example, cyrillic or arabic).
Before updating to 4.7, I was able to publish posts to my WP sites in Cyrillic, but now these posts are only visible in my Home page, but when I click on the title to open it, I'm sent to 'That page can't be found'. I still have one site that hasn't been updated to 4.7 and publishing posts in these alphabets are working fine.
Is this something that has to do with the recent changes in WP?
Thanks in advance,
Arnela",arnela,
39196,When saving large menus the JSON encoded string was not used. related to #14134,,Menus,4.5,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-12-09T09:24:44Z,2016-12-09T09:29:39Z,"This is a follow-up to #14134.
The solution proposed in #14134 is not properly working. This is because the values of the JSON string are replacing $_POST but later on $_REQUEST was being used. The only reason it seemed to still work is because the post action of the form was populating all the variables, but still failed when the apache, php or suhosin were reached.
In the proposed solution only the JSON string, menu ID and action are submitted by post and then $_POST and $_REQUEST are populated with the data.
",budaned,1
39152,Twenty Seventeen: phpcs errors and warnings,,Bundled Theme,4.7,normal,normal,4.8,defect (bug),new,has-patch,2016-12-07T17:42:59Z,2016-12-09T08:01:23Z,"Since we are aiming towards automation of the theme review, as described in this [[https://make.wordpress.org/themes/2016/09/29/why-are-we-working-to-improve-the-automation-of-the-theme-review/|blog post]] I wanted to check what's the status with the newly Twenty Seventeen theme.
I used the WordPress coding standard (which also includes the VIP standard sniffs which we can ignore), and ignored the *.js and *.css files (errors there were mostly based about spacing and inline comments, which the phpcs pulled from php rules).
I'm attaching the log file with the errors. Some can be easily fixed by running phpcbf, but some should be taken care of manually - for instance in the `content-video.php` file located in the \template-parts\post folder on line 67 there is
{{{#!php
echo $video_html;
}}}
which should be escaped (I added `esc_html()` and the test videos provided in the theme unit test worked).
Hope this helps :)
",dingo_bastard,4
28081,Do a canonical redirect for pages when query var 'paged' is set,,Canonical,,normal,normal,Future Release,defect (bug),new,has-patch,2014-04-30T19:53:12Z,2016-12-09T04:13:58Z,"Example: http://make.wordpress.org/core/features-as-plugins/page/2323/
You can append /page/{any number} to a page and still get the same content as http://make.wordpress.org/core/features-as-plugins/
The same doesn't happen for posts.
[source:/trunk/src/wp-includes/canonical.php#L274]: Seems like l274 and l276 should be !is_singular() as it was before [6115]. (Block was changed in [9697].)
Want to use this ticket to get some reasons for [6115]. Currently I only can think of custom page templates which are using a custom pagination, so maybe wontfix.",ocean90,9
38280,Make term count for a specific object type available,,Taxonomy,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-10T21:54:15Z,2016-12-09T03:45:01Z,"Term count is the total number of relationships with no context of the object types the relationships belong to.
Currently, the best way to determine the count of a term for a specific object type is to run a `WP_Query` with a `WP_Tax_Query` for that term.
{{{#!php
$term_count_query = new WP_Query( array(
'post_type' => 'some-post-type',
'tax_query' => array(
array(
'taxonomy' => 'some-taxonomy',
'field' => 'slug',
'terms' => array( 'term-slug' )
),
),
'posts_per_page' => 1,
) );
$term_count_for_post_type = $term_count_query->found_posts;
}}}
Now that term meta is in core, it would be great if these counts were stored in term meta for easy access.
To start, these counts could be available through a function. To go a step further, an argument could be added to `get_terms()` and other functions to filter the term counts and reflect the object types terms are being grabbed for.",desrosj,4
39191,Twenty Seventeen: Warning in Firefox console for scroll-linked positioning effect.,,Bundled Theme,4.7,normal,normal,Future Release,defect (bug),new,,2016-12-08T21:33:02Z,2016-12-08T23:30:41Z,"When I use TwentySeventeen with Firefox (50.0.2 for Ubuntu) I get this warning on the front page in my console:
This site appears to use a scroll-linked positioning effect. This may not work well with asynchronous panning; see https://developer.mozilla.org/docs/Mozilla/Performance/ScrollLinkedEffects for further details and to join the discussion on related tools and features!
Does not happen with TwentySixteen or in Chromium.
#38850 is related as it is about same warning, but is happening in the editor. ",Shelob9,1
39192,Add the ability to suggest changes to post drafts,,Editor,,normal,normal,Awaiting Review,feature request,new,,2016-12-08T22:46:03Z,2016-12-08T23:18:03Z,"I would like the ability to offer suggestions for draft versions of posts in WordPress.
Google Docs handles this really gracefully. When I reviewing someone else's work I'm able to offer suggestions, which they can accept, comment on, or reject, without actually changing what they've written.
Having this feature would help encourage more collaboration within WordPress itself during the post draft stages.
1. Would this require changes to TinyMCE itself? If so I can submit a suggested wireframe.
2. If it could be done outside TinyMCE, then I have some ideas as well.",JoshuaWold,1
31596,Make it easier to update TinyMCE,,TinyMCE,,low,normal,Future Release,defect (bug),new,needs-docs,2015-03-11T14:07:00Z,2016-12-08T21:59:16Z,"* Load from src like the other tests
* Automatically add the plugins without overwriting files.
* Don't run tests where no plugins are loaded. We're running these test just to test our plugins.
* Remove everything we don't use.
",iseulde,8
36188,"After WordPress installation, the default category archive page is showing a 404 page",,Rewrite Rules,4.2,normal,normal,Future Release,defect (bug),new,dev-feedback,2016-03-09T19:17:14Z,2016-12-08T21:35:34Z,"Steps to reproduce the issue:
1. Install WordPress
2. Log to the back-end
3. Go to Post -> Categories and click on the ""view"" link of the default category.
=> You get a 404 page
Now, if you visit Settings -> Permalinks, the default category archive page is showing correctly.
This issue might be related to #20171",strategio,9
39190,RSS feed not valid: U+001A or 0x1a,,TinyMCE,,normal,normal,Awaiting Review,defect (bug),new,,2016-12-08T21:23:40Z,2016-12-08T21:23:40Z,"I am not sure how is it possible, but one of our users copy/paste text from another website into TinyMCE and content is now filled with strange non-visible Unicode characters `U+001A` / `0x1a` (`001a` in JSON response).
It is not visible in TinyMCE or frontend, but it is saved in database and also RSS feed is considered as invalid (displayed without problem in browser, but characters are there).
RSS feed is processed by other custom scripts and we are receiving following messages (different validators):
`PCDATA invalid Char value 26`
`Input is not proper UTF-8, indicate encoding! Bytes: 0x1A`
I can replace those characters and add a check before saving content into database, but it should not be possible for users to break their feeds by copying content into TinyMCE?",pavelevap,
39097,Links in embeds can't be opened in a new tab,,Embeds,4.4,normal,normal,Awaiting Review,defect (bug),reopened,,2016-12-06T02:50:07Z,2016-12-08T21:09:46Z,"While reading https://make.wordpress.org/core/2016/12/05/wordpress-4-7-field-guide/, which contains many embeds, I wanted to open up all items of interest in new tabs so I could read through them.
In Firefox, mousewheel-clicking, ctrl-clicking, or right clicking a link in an embed immediately opens the link in the same tab (in the last case, without the normal right click menu appearing at all).
In Chrome, mousewheel-clicking does nothing; ctrl-clicking opens it in the same tab, while right clicking does work.
This appears to all be caused by the sandbox attribute on the iframe.
Not allowing the link to open in a new tab seems very wrong, especially when multiple embeds are in a post.",smerriman,5
39163,Use REQUEST_TIME_FLOAT for timing,,Bootstrap/Load,trunk,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-12-07T21:09:53Z,2016-12-08T20:29:11Z,"`$_SERVER['REQUEST_TIME_FLOAT']`
> The timestamp of the start of the request, with microsecond precision. Available since PHP 5.4.0.
Related: #26874 timer_stop() returns a string, not a float
WordPress should expose timing data as a float in the most accurate manner possible. `timer_stop()` has two problems: it uses an initial timestamp generated later than it needs to be (50ms late is what I have seen most often), and its formatted return value can not reliably be used as a number (some locales swap commas and periods, for example).
As `timer_stop()` is a well-established formatting function, a new function is needed for getting the raw data. The new `timer_float()` will simply `return microtime( true ) - $_SERVER['REQUEST_TIME_FLOAT'];`. For compatibility with PHP < 5.4, the initial value is conditionally set at the top of load.php. This is all I've done in small.diff, leaving `timer_stop()` alone.
My goal for this ticket is to get `timer_float()` in core so we can start using it for accurate and reliable timing data to support efforts to manage and improve performance. I don't really care whether any changes are made to `timer_start()` and `timer_stop()`. However, I included them in patches to save time just in case we want them updated.
medium.diff changes `timer_start()` to use `REQUEST_TIME_FLOAT`. This will make measurements more accurate without changing any other semantics.
large.diff bypasses `timer_start()` and automatically starts the timer as soon as possible, i.e. at the top of load.php. This patch tags `timer_start()` as deprecated but we should not move it to deprecated.php because drop-ins might expect `timer_start()` to exist, as might any auxiliary scripts that directly include load.php. (I am not familiar with deprecation strategy generally so I expect feedback on this.) The legacy globals, `$timestart` and its cousin that hopefully nobody ever used, `$timeend`, are both supported in this patch. (I think they should be deprecated as soon as we bump to 5.4.)",andy,1
39157,Feed returns 404 when there are no posts,,Feeds,4.7,normal,normal,4.7.1,defect (bug),new,needs-unit-tests,2016-12-07T18:55:57Z,2016-12-08T20:27:37Z,"Probably result of #30210.
In WP 4.6.1 website without posts returned empty feed.
In WP 4.7 there is only 404 response and message: `ERROR: This is not a valid feed.`
And another side effect: When using `add_feed()` to adding own function then it worked in WP 4.6.1 by default because `$wp_query` contains by default 10 latest posts and even if there were no posts, callback function was processed. But now there is check for `$wp_query->have_posts()` (see [38929]) and so after update to WP 4.7 all these functions stopped working :-( Probably some plugins will be affected by this behaviour...",pavelevap,3
38772,restrict_manage_posts in wp-media-list-table.php missing 2nd param,,Administration,4.6,normal,normal,4.8,defect (bug),new,has-patch,2016-11-13T01:10:34Z,2016-12-08T20:16:20Z,`restrict_manage_posts` in wp-media-list-table.php missing 2nd param that is available and present within wp-admin/includes/class-wp-posts-list-table.php,wpsmith,6
39188,Wrapping paragraph tags around 'Read More' link stripped out of custom post type,,Formatting,4.7,normal,normal,Awaiting Review,defect (bug),new,,2016-12-08T19:42:53Z,2016-12-08T19:42:53Z,"My Genesis child-theme modifies the 'Read More' link in posts and custom post types by stripping out the 3 dots (hellipsis) after the link text, changing the text string, and adding styling attributes. The anchor link is wrapped in a set of p-tags.
When I updated WordPress Core in my local development environment from version 4.6.1 to 4.7, the wrapping p-tags were stripped out, and the anchor tag wrapping the 'Read More' link slid up into the preceding paragraph of text. The padding added to the paragraph tags wrapping the link disappeared, and the link styling became in-line to the preceding paragraph text (not what I wanted).
I was able to install a fresh copy of my local dev site and then reran the WP Core update, reproducing the problem. I'm not sure why the wrapping paragraph tags are getting stripped out. For now, I can work around the problem by running WP v4.6.1, which is not an optimal, long-term solution.
To see an example of how the 'Read More' links are supposed to appear, visit [http://alb.spiralwebdb.com] and view the custom posts on the front page under 'Practice Areas'. A screenshot of the displaced 'Read More' links is attached as a PNG file.",yogaman5020,
16470,Require confirmation on email change,johnbillion,Users,3.0,normal,normal,4.8,enhancement,reviewing,has-patch,2011-02-06T12:07:11Z,2016-12-08T19:38:22Z,"When a new user is registered for a site, the e-mail he provides gets easily confirmed. But immediately after that, the new member can visit his profile and is able to change his e-mail to anything. Regardless of whether it is done on purpose or the user enters a wrong e-mail by mistake, the admin cannot contact the member, should he has to for any reason. The e-mail address is of great importance in such cases and I don't think that's a rare need!
I've had the impression that WP was not offering this feature, but then I realised that the code lies in core, though restricted to multisite installations. I find it quite difficult to understand why.
There might seem to be a relation to #13717, but what I propose hereby is just giving the admin of a single-site installation the '''option''' to activate e-mail change confirmation.
I think the implementation would only require a few changes in wp-admin/user-edit.php, making send_confirmation_on_profile_email() available outside of wp-admin/includes/ms.php and adding an option in Settings.
Why would we have to hack the core or consider a plugin for something almost already offered in core? That's why I describe the ticket as ""enhancement"", not ""feature request"".",linuxologos,10
39099,Customize: Defer triggering selective refresh for all settings until after synced,,Customize,,normal,normal,4.8,defect (bug),new,has-patch,2016-12-06T03:37:07Z,2016-12-08T19:15:38Z,"Selective refresh is triggered when a setting is added, changed, or removed. In the case of being added, there are scenarios where infinite full refresh can ensue if a partial has fallback refresh. This has been particularly evident for nav menus. While the infinite refreshes have largely been fixed for nav menus in #38612, there are still cases more generally where settings could be registered in the controls (admin) but not in the preview (pane). In the case of nav menus, this still causes a selective refresh to happen even at an initial page load.
This is essentially revisiting #37032.",westonruter,2
39102,Customize: Shift-click on placeholder nav menu items fails to focus on the nav menu item control,westonruter*,Customize,,normal,normal,4.8,defect (bug),accepted,has-patch,2016-12-06T04:24:51Z,2016-12-08T19:15:18Z,"When you shift-click on a nav menu item in the customizer preview, the corresponding `nav_menu_item` control should be focused in the pane. However, currently when adding a new nav menu item in the customizer, shift-click is focusing on the nav menu location control as opposed to the nav menu item control.",westonruter,2
37661,"A New Experience for Discovering, Installing, and Previewing Themes in the Customizer",westonruter,Customize,4.2,high,normal,4.8,feature request,reopened,has-patch,2016-08-15T02:35:07Z,2016-12-08T17:46:44Z,"== Background & History ==
The customizer originated as a tool for previewing and customizing themes and as such, was closely integrated into the theme browsing experience in the admin (in WordPress 3.4). Eventually, as the customizer's role grew to that of a framework for live-previewing any change to a site, it became apparent that it would benefit from a more direct way to switch themes, without entering the admin context. The Customizer Theme Switcher plugin was created, and after some refinement, merged into WordPress 4.2. However, while it initially included external links to install themes in the admin, these were eventually removed due to the jarring experience of unexpectedly leaving the customizer.
Currently, there is no indication that additional themes can be installed when viewing available themes in the customizer. For new users, it may take quite a bit of time to discover the ability to install themes, via wp-admin, or they may give up on WordPress before making this discovery. This is a usability dead-end where a user's flow is disrupted in the process of discovering, installing, previewing, and activating themes, both on initial site setup and when considering a redesign.
When the theme switcher plugin was developed, we made preliminary plans for a theme installation interface as a second phase of the project. Specifically, it would leave the ""preview"" context of the customizer, but retain the same identity in the user experience and provide cognitive hierarchy from the options in the various customizer sections by sliding in from the right instead of the left. @folletto helped develop this initial concept early last year.
== Technical Constraints & Requirements ==
There have been several technical limitations preventing theme installation in the customizer from being addressed previously. Most notably, such an interface would require ""shiny"" ajax-based theme installation, updates, and deletion, so that the user flow could persistently stay in the customizer themes interface rather than jumping to separate ""installing"" views. This is now possible with phase 2 of ""Shiny Updates"" in WordPress 4.6. Additionally, expansions of the customizer JavaScript and JS-templated controls APIs to better support dynamically-registered controls were needed to support theme installation within the customizer framework, and these were added for the customizer menus interface introduced in WordPress 4.3. With these technical constraints eliminated, theme installation in the customizer can now be considered without requiring significant improvements to the underlying themes or customizer APIs.
The way that the customizer currently previews themes requires the customizer to be completely reloaded from PHP to preview a different theme. Ideally this will eventually change, but due to the complexity of redesigning the internals to make use of a theme setting, and eventually to adjust which theme's registered sections, settings, and controls to use dynamically, changes to these pieces should be explicitly out of scope for the user-facing flow project. The biggest usability block that this limitation causes is that unsaved changes are lost when the theme is switched. This is currently handled by prompting users with an are-you-sure notice in the browser before making the switch, but limitations in JavaScript require the loading indicator to be hidden after the user selects either to stay on the page or to continue to the new theme, causing confusion. In a new interface, this could be further mitigated by displaying a warning that there are unsaved changes, with an inline button to save and publish them, at the top of the interface, so that it is in the user's flow before they begin browsing themes. With transactions, a save draft option could also become possible in the future, allowing the changes to be saved without being published.
== Previewing Themes ==
One of the biggest challenges with theme installation in wp-admin, and opportunities in the customizer, is previewing themes. Currently, a customizer-like frame displays a preview hosted on WordPress.org, with limited content. Rather than opening this potentially-disorienting similar but different interface, the proposed flow de-emphasizes the distinction between installed and available themes. The primary action for available themes is now ""Install & Preview"", which installs the theme and live previews it in one step. Users can now see the theme on their site with their content and play with its options in the customizer. If they decide it's the wrong theme, the themes panel can be quickly reopened and another theme selected and previewed with no harm done. A secondary action would allow themes to be installed without instantly previewing, so that the installed themes tab can become a personal theme library of sorts, where users can save themes that they might want to try on their site. Installed themes being a tab along with the available theme headings unifies the previously-disorienting separation of themes and add-new themes on separate screens, with separate search and header (add new/upload theme) functionality.
== Initial Proposal ==
Based on the preliminary design work done by @folletto as well as the goals and proposals presented above, I have put together an initial nearly-fully-functional proposal for a new themes interface in the customizer. Due to the tight integration with the existing system, with the existing theme control and section as well as internal elements in the customizer manager and theme details template requiring moderate modifications, this needs to be completed as a patch and cannot be reasonably converted into a plugin and back. To counteract this challenge, I have completed the major structural development process already, so that iterations can focus on the UI, UX, accessibility, and smaller details that won't impact the base functionality. A list of development tasks leading up to this point and remaining tasks is forthcoming.
The technical implementation continues adapting the concepts present in the backbone.js-based themes experience in wp-admin to leverage the customizer API. With the themes experience natively built on the customizer framework, it should be much easier for developers to improve and maintain the core experience in the future as well as extending the core experience in a structured way.
A few notes on the initial proposal, which will be supplemented with visuals and a patch below:
- The themes experience is unchanged on the top level of the customizer, but selecting the change theme button now opens a panel that fills the entire screen, as the preview is not relevant when considering a theme change.
- The customizer UI identity is preserved by using similar design cues, such as the #eee background with white backgrounds indicating actionable UI, and the current theme display in the header, which matches the display in the customizer pane.
- Where possible, the UI is identical to that found in the theme installer in wp-admin (which would remain, of course).
- The theme details view is unified between installed and available themes, with clicking on a screenshot opening the details view to match the admin UI.
- Primary buttons are used where clicking them takes you away from the current page; secondary buttons are used elsewhere.
- Installed themes are no longer loaded every time the customizer is opened, resulting in potentially significant performance improvements by only calling `wp_prepare_themes_for_js()` when needed. This also allows themes in the customizer to be fully disabled with `remove_panel( 'themes' )`.
- The loading strategy attempts to balance performance with wait time by loading theme data from Ajax in large batches (100 themes) and following up by rendering screenshots as they become visible (as the existing interface does).
Note: this ticket description can be adapted for a make/core post once initial feedback is incorporated.",celloexpressions,139
39178,REST API: Improve strings added after 4.7 string freeze,,REST API,4.7,normal,normal,4.8,enhancement,new,,2016-12-08T03:21:09Z,2016-12-08T17:36:27Z,"We fixed a few API bugs in 4.7 that required new error strings. Some of these were during string freeze, so we repurposed existing strings rather than adding new ones.
We should go through and update these to better messages and error codes. For example, [39440] added `rest_orderby_include_missing_include` which needs a more helpful message and a less verbose error code (see the `rest_no_search_term_defined` error [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php?rev=39440&marks=148,153#L135 immediately above]).",jnylen0,3
38911,Prevent Media Library search making an AJAX request for each char typed.,adamsilverstein,Media,4.6.1,normal,normal,Awaiting Review,enhancement,assigned,has-patch,2016-11-23T08:29:20Z,2016-12-08T17:22:22Z,"I've noticed that while searching for a media in the ""Media Library"", WP makes an AJAX request immediately after a char is typed. So if I type in a long word, it will do a lot of sequential AJAX requests to the server.
In most small site environments that is fine, but in some large WP installations with a lot of media (and traffic), sometimes each request takes few seconds to complete, causing the latest requests failing due to queue timeout and the Library interface to hang.
I will be great if, while the user is typing, the UI only makes an AJAX request if the user has stopped writing for a determined amount of time. I've noticed that there is already a _.debounce handler in media-grid.js but it doesn't cancel the intermediate requests.
I've inspected this in few sites (with WP 4.6.1 ad very few plugins) and all have this behavior.
",brandomeniconi,7
39010,REST API: Treat null and other falsy values like `false` in 'rest_allow_anonymous_comments',jnylen0,REST API,4.7,normal,normal,4.7.1,enhancement,reopened,commit,2016-12-01T18:50:17Z,2016-12-08T17:06:06Z,"Currently the `rest_allow_anonymous_comments` filter checks for an explicit `false` value to disable anonymous comments. We should extend this check to any falsy value instead.
As noted in the tests, the specific case I'm envisioning is that a plugin developer forgets to include a return value for some code path in their callback for this filter, leading to a value of `null` which is currently treated like `true`. We should fix this before it has a chance to show up in the wild.
Props @joehoyle for originally spotting this at ticket:38855#comment:6, but it wasn't addressed in the commit there.",jnylen0,7
38998,"Inconsistencies on admin update page, 'up-to-date' vs 'up to date'",,I18N,4.6.1,normal,trivial,Awaiting Review,defect (bug),new,close,2016-11-30T23:08:25Z,2016-12-08T17:05:00Z,The WordPress Update page in wp-admin includes both the phrases 'up-to-date' and 'up to date'. We should decide on one format to keep things consistent.,aprea,4
39070,WP-API JS client can't use getCategories for models returned by collections,adamsilverstein,REST API,4.7,normal,normal,4.7.1,defect (bug),assigned,needs-unit-tests,2016-12-04T20:03:25Z,2016-12-08T16:56:31Z,"Migrating report from https://github.com/WP-API/client-js/issues/144
----
If I do this:
{{{
var postsCollection = new wp.api.collections.Posts();
postsCollection.fetch();
}}}
I'm only seeing the category id returned in the attributes object for each post.
Is there a way to include all category data there? Or from that point, when I'm looping over postsCollection, how do I get the category data for each post?
I tried doing this:
{{{
postsCollection.each( function( post ) {
post.getCategories().done( function( postCategories ) {
// ... do something with the categories.
// The new post has an single Category: Uncategorized
console.log( postCategories[0].name );
// response -> ""Uncategorized""
});
});
}}}
But this is giving me post.getCategories is not a function.
Any insight here? Basically I'm just trying to find out how to loop over posts AND include their categories.",jesseenterprises,5
39054,REST API: Improve error messages for number relational validation,,REST API,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-04T17:15:12Z,2016-12-08T16:48:02Z,"For a simple relation (i.e. when not describing that a value should be `between` two bounds), using the `exclusive` & `inclusive` modifiers aren't as readable as they could be.
When the relation is `exclusive`, `greater than` implies the exclusivity.
When the relation is `inclusive`, `greater than or equal to` would be easier to read.
For example, calling `/media?page=0` currently returns: `page must be greater than 1 (inclusive)`.
I'd expect it to say: `page must be greater than or equal to 1`",jblz,4
38700,REST API: Cannot send an empty or no-op comment update,rmccue,REST API,4.7,normal,normal,4.7.1,defect (bug),assigned,has-patch,2016-11-08T01:41:08Z,2016-12-08T16:44:31Z,"Sending a POST/PUT/PATCH request to `/wp/v2/comments/:id` fails if the update is empty, or if the comment data is the same as what's currently stored in the database.
This is due to a [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/comment.php?rev=39153&marks=2204,2222#L2191 quirk] of `wp_update_comment`: it returns the number of rows updated by `$wpdb->update`, which may be zero. However, zero is [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/comment.php?rev=39153&marks=2146,2151#L2128 also used] as the return value for an error condition. The API should differentiate between these two states.
For any other object type, sending a ""null update"" via the API is successful.",jnylen0,17
39042,REST API: Allow sanitization_callback to be set to null to bypass `rest_parse_request_arg()`,kkoppenhaver,REST API,4.7,normal,normal,4.7.1,defect (bug),assigned,has-patch,2016-12-03T19:41:37Z,2016-12-08T16:40:14Z,"In #38593 we use the default callback for a property type if it is set, but you cannot override this behavior.
As an example, if you have a property schema like:
{{{#!php
'some_email' => array(
'description' => __( 'Email address for ...' ),
'type' => 'string',
'format' => 'email',
'arg_options' => array(
'sanitize_callback' => null, // SHOULD skip built-in saniziation of 'email' type.
'validate_callback' => 'custom_callback',
),
),
}}}
The logic in `WP_REST_Request->sanitize_params()` that was added in [39091] does not account for `null` being the `sanitization_callback` which then results in `rest_parse_request_arg()` being set to the callback, which runs both default sanitization and validation functions.
See: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/class-wp-rest-request.php?annotate=blame#L823
",rachelbaker,8
39072,Add gmt_offset as a REST API setting,,REST API,4.7,normal,normal,4.7.1,defect (bug),new,needs-unit-tests,2016-12-04T20:21:43Z,2016-12-08T16:33:25Z,"The timezone string can be seen and updated via the REST API, but there is no way to get the GMT offset (which I would imagine is more more valuable for calculating things). There is also no way to update it (aka manual offset).
The attached patch is one way to fix it. It makes sure to clear out the timezone string if you are manually overriding/setting the offset. I'm not sure if what I have is the best way to handle that case for the API, but I took a stab at it. If a timezone string is set, the offset is correctly returned for that timezone.",jshreve,7
39038,Add support for non-split shared terms to singular term capabilities,,Taxonomy,,normal,normal,4.7.1,defect (bug),new,,2016-12-03T04:53:54Z,2016-12-08T16:32:07Z,"As reported in #35614 by @kevinB, the `edit_term`, `delete_term` and `assign_term` singular capabilities only pass the `term_id` and not the `taxonomy`. For compat with installations where shared terms aren't split, we should specify the taxonomy, or trigger splitting.
> As implemented in 4.7 RC, these meta capability checks accept a term_id with no taxonomy specified. This is an issue for legacy installations that have term_id != term_taxonomy_id. Taxonomy determination is now slated to fall to WP_Term::get_instance(), which will try to disambiguate but may return WP_Error.
> An obvious option would to require the additional taxonomy argument following term_id. This would cause a fourth item in the $args array passed into the 'map_meta_cap' filter - a break with tradition, but not a problem for API-compliant plugins in my view.",dd32,8
39006,REST API: Language setting should not be present when no languages are available,,"Options, Meta APIs",4.7,normal,normal,4.7.1,defect (bug),new,,2016-12-01T16:12:57Z,2016-12-08T16:27:32Z,"In `register_initial_settings()`, the `WPLANG` setting is always present (and always available to the REST API), but on the General Settings screen this field is not available if there are no languages installed on the site.
This field should not be registered as an editable setting in the REST API if there are no languages installed on the site, however it makes sense for the setting to be available as read-only, even if it only returns `en_US` in this situation.",johnbillion,7
39057,FTP credentials form doesn't display the SSH2 fields on the Updates screen,,Upgrade/Install,4.6,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-04T17:48:48Z,2016-12-08T16:21:52Z,"The FTP credentials form is used both in the Plugins/Themes screens (where it's in a modal window) and in the Updates screen. When it's displayed inside the modal, selecting the SSH2 radio button makes the Authentication Keys fields appear:
[[Image(https://cldup.com/ltG5jB7V3O.png)]]
[[Image(https://cldup.com/cY7tzqAK5D.png)]]
On the Updates screen instead, when selecting the SSH2 radio button nothing happens:
[[Image(https://cldup.com/is34DsUkk6.png)]]
Worth reminding before 4.6 the two Authentication Keys fields were in a different position (above the radio buttons) and always displayed on the Updates screen.",afercia,3
39141,RSS feeds have incorrect lastBuildDate when using alternate languages,,Feeds,4.7,normal,normal,4.7.1,defect (bug),new,has-patch,2016-12-07T11:25:21Z,2016-12-08T16:13:21Z,"When setting my site in English, the RSS feed says:
'''Wed, 30 Nov 2016 15:47:34 +0000'''
But when I set it up in Dutch, it says:
'''wo, 30 nov 2016 15:47:34 +0000'''
This date should be a valid RFC date. Otherwise feed validators won't validate the feed.
'''Possible fix:'''
{{{#!php
",__jester,6
39109,Twenty Seventeen: starter content array needs a filter,,Bundled Theme,4.7,normal,normal,4.7.1,defect (bug),new,,2016-12-06T15:10:58Z,2016-12-08T16:05:31Z,"There currently seems to be no way to extend the starter content provided in Twenty Seventeen in a child theme. I'd suggest applying a filter to the starter content array so that child themes (or plugins) can selectively add or remove items as they see fit without having to duplicate the entire array. This should also become a best practice for all themes.
While we're at it, there are no inline comments whatsoever around Twenty Seventeen's starter content registration. Since this is the only canonical complete implementation initially available, we should add some inline documentation to explain how the starter content array works.
Calling `add_theme_support( 'starter-content', array( ...` in a child theme seems to prevent starter content from working at all since the theme's starter content is registered already. The workaround would probably require removing theme support then adding it and duplicating the entire array until the filter is in place.",celloexpressions,4
39185,"REST API Media end-point, ""description"" field changes with WP 4.7",,REST API,4.7,normal,normal,Awaiting Review,defect (bug),new,,2016-12-08T14:37:24Z,2016-12-08T15:12:27Z,"Previously in the JSON response from querying wp-json/wp/v2/media, the description field contained the textual description as entered in the relevant field within WP-Admin Media Library.
{{{
""description"":""Site Banner""
}}}
Now it returns a render.
{{{
""description"":{""rendered"":""

'} );
if ( 'setting_D' == servusSettingId && 'dominus_value_3' == to )
api('setting_D').set('setting_D_value_2');
}
}
}}}
Registering dependencies could then be done with the following code :
{{{
api.registerDependencies(
[
{ dominus : '', servi : [], visibility : function(){}, actions : function(){} },
{ ... },
...
]
);
}}}
The `api.registerDepencies()` utility would store the collection in a static api property, like `api._dependencies`, or better, as an observable value like `api.dependencies = new api.Value( [ //the collection ] )`, to let us react to possible dynamic changes (like settings being dynamically added) happening to this collection during a customization session.
'''Firing the dependencies'''
The idea would be to fire the relevant registered setting dependencies of the currently active section() only, to optimize performances.
To wrap the code and initialize it, a new Class could be introduced, let's call it `api.Visibilities = api.Class.extend( {} )`.
Why a class ? => even if it would have only one instance in the api, instantiating this code as a class would offer a convenient and clean way to initializing it and wrapping the various methods.
The job of this `new api.Visibilities()` object would be to :
1. grab the `api.dependencies()` and make sure the registered dependencies are well formed
2. listen to the current section expansion
3. may be fire dependencies callbacks : visibility and custom actions
4. make sure that the callbacks are bound to registered and embedded controls ( or registered settings ) with the following type of syntax :
{{{
api.control.when( setId, function() {
api.control( setId ).deferred.embedded.then( function(){
callback();//dependency callback
});
});
}}}
Any feedbacks and additions are welcome !
",nikeo,
38797,api.previewer.refresh() could return a deferred.promise() with custom server data,,Customize,,normal,normal,Awaiting Review,enhancement,new,,2016-11-15T09:49:46Z,2016-11-15T09:49:46Z,"Following a discussion (https://core.trac.wordpress.org/ticket/38728#comment:8) with @westonruter, I'd like to propose an enhancement for the `api.previewer.refresh(`) method.
There might be cases when a developer needs to fire a previewer refresh after a specific customizer change, and execute other actions when this refresh has been done.
From a general standpoint, I think that the asynchronous nature of the refresh makes it a good candidate for returning a deferred promise.
An example of use case could be that a developer has several predefined settings configuration available for a given theme. Each time a configuration is switched to, the settings have to be changed to a set of predefined values set in the api. Those predefined values are stored server side in say a custom post type ( like the changeset for ex. ).
A way to do that would be to fire an `api.previewer.refresh()` when switching to a given predefined configuration, that would be followed on `api.previewer.refresh().done( ... )` by an update of the api values, if some conditions are met.
With the current api, we can add callbacks to the `'synced'` previewer event, but it will be fired on all `api.previewer.refresh()` calls, with no possibility to target a specific refresh situation that should be followed by a custom action.
This problem could be solved by making the refresh return a deferred promise. This $.Deferred() would be resolve() in the `onceSynced()` callback function (of the current refreh method), taking a `sent_preview_data` object as param.
While this deferred would be implemented in the `api.previewer.refresh(`) method of customize-control.js, another minor addition in customize-preview.js could allow developers to easily pass custom server data on refresh to the panel this way, and then use those data once the refresh is done.
This way, it would be possible to use the following kind of syntax to fire an action on demand after a specific refresh().
{{{
api.previewer.refresh().done( function( sent_preview_data ) {
// fire actions after a specific refresh, when the preview is ready and synced
// the sent_preview_data, could be an object sent when the api.preview.send( 'synced', preview_data() ),
// providing customizable server informations that we may need after a refresh.
} );
}}}
On the preview side, in order to pass a server data object to the resolve refresh, the idea would be to introduce a `new api.Value()` that could be populated before the synced event occurence.
The current code in [customize-preview.js]https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/customize-preview.js#L679 :
{{{
api.preview.send( 'synced');
}}}
could be replaced by :
{{{
api.server_data = api.server_data || new api.Value( {} );
api.trigger('before_synced', api.server_data() );//<= developers can alter the api.server_data() here, before it gets sent
api.preview.send( 'synced', api.server_data() );
}}}
This way, a developer could pass custom data to the panel when `api.previewer.refresh().done()`, using the `synced` event, with this type of code :
{{{
'string',
'show_in_rest' => true,
'auth_callback' => 'check_logged_in' );
register_meta( 'comment', 'flagged', $args );
function check_logged_in(){
return is_user_logged_in();
}
}}}
However, I don't want them to be able to edit the comment itself so `current_user_can( 'edit_comment' )` should return false.
So that's the use case.
What happens at the moment is, well, no one can update the comment because there's no edit_comment_meta capability. But it's not a problem making the capabilities work like that.
However, `edit_post_meta` currently doesn't work like that. For `current_user_can( 'edit_post_meta' )` to return true, a user also has to have the `edit_post` capability. It's straightforward to change, but does have one backwards incompatibility: if someone is using current_user_can( 'edit_post_meta' ) with a registered meta key which has an auth_callback that returns true but they really ''don't'' want the person to update the post meta so are relying on the fact that they don't have the edit_post capability, then that will change and that person will be able to update the post meta. It's a slightly convoluted edge case, admittedly.
Attached is a patch that shows how it would work with unit tests.
",tharsheblows,16
25648,plugin.php causes infinite loop and gigabytes of warning messages in error logs,,Plugins,3.6.1,normal,normal,Awaiting Review,defect (bug),reopened,,2013-10-21T12:12:22Z,2016-11-15T00:23:18Z,"We host several wordpress instances in a multi-user environment on our servers. Some installations cause regulary massive error log files with warnings like these:
PHP Warning: next() expects parameter 1 to be array, boolean given in [...]/html/wordpress/wp-includes/plugin.php on line 408
PHP Warning: current() expects parameter 1 to be array, boolean given in [...]/html/wordpress/wp-includes/plugin.php on line 404
After some googling I found out, that this behaviour is known for more than 10 month. So, if you could fix that, that'd be great.",ticktoo,19
15551,Custom post type pagination redirect,,Query,3.1,normal,normal,Future Release,defect (bug),reopened,,2010-11-23T21:50:06Z,2016-11-15T00:19:32Z,"We seem to be having a problem with a redirect on a custom post page (e.g., http://www.example.com/show/slug/).
Everything on the page shows correctly. The template pulls in posts with the following query:
{{{
'show', 'meta_value' => $show->ID, 'paged' => get_query_var('paged'), 'caller_get_posts' => true)); ?>
}}}
After the posts we display pagination links (e.g., http://www.example.com/show/slug/page/2/). In our rewrite rules, we include the following rule which should handle these URLs:
{{{
'show/([^/]+)/page/([0-9]{1,})/?$' => 'index.php?show=$matches[1]&paged=$matches[2]',
}}}
Instead of the page displaying and allowing us to pull in the second page of posts, the browser is being redirected back to the original page (http://www.example.com/show/slug/) with a 301. I see that this is happening inside the redirect_canonical function. The following code in wp-includes/canonical.php replaces /page/2/ with / causing the redirect:
{{{
// paging and feeds
if ( get_query_var('paged') || is_feed() || get_query_var('cpage') ) {
if ( !$redirect_url )
$redirect_url = $requested_url;
$paged_redirect = @parse_url($redirect_url);
while ( preg_match( ""#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#"", $paged_redirect['path'] ) || preg_match( '#/(comments/?)?(feed|rss|rdf|atom|rss2)(/+)?$#', $paged_redirect['path'] ) || preg_match( '#/comment-page-[0-9]+(/+)?$#', $paged_redirect['path'] ) ) {
// Strip off paging and feed
$paged_redirect['path'] = preg_replace(""#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#"", '/', $paged_redirect['path']); // strip off any existing paging
$paged_redirect['path'] = preg_replace('#/(comments/?)?(feed|rss2?|rdf|atom)(/+|$)#', '/', $paged_redirect['path']); // strip off feed endings
$paged_redirect['path'] = preg_replace('#/comment-page-[0-9]+?(/+)?$#', '/', $paged_redirect['path']); // strip off any existing comment paging
}
}}}",cbsad,13
37526,Introduce the possibility to register new administration panels,,Administration,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2016-07-30T10:34:59Z,2016-11-15T00:13:33Z,"I'm currently trying to build a plugin that implements a completely custom administration panel. Unfortunately it's currently not possible to fully make it work with the Core implementation. Therefore my proposal is to introduce a function like `register_administration_panel( $name, $args )` that developers can use to build their own custom admin panel and have Core support it. They would need to take care of the functionality for that panel themselves - the registration would only ensure that the parts that are unified for all administration panels in Core will act in a compatible manner.
WordPress Core supports two additional administration panels on Multisite ('network' and 'user') which could leverage that function as well. The idea is that everywhere we currently check for `is_network_admin()` and `is_user_admin()`, we'd now use the administration panels registered to detect where we currently are. This would provide a flexible API and also clean up some code. The default admin would not be checked for there, instead it will be the fallback as it currently is in Core implementation as well.
Note that registering a custom administration panel should be considered an edge-case. The reason I personally would appreciate that functionality for is that I'm building a plugin that implements a global administration panel (for Multinetwork). Note that while the examples I mentioned are all Multisite-related, the function shouldn't be restricted to Multisite. The average plugin won't and shouldn't use it, but the function can be useful for custom projects which require an interface that other plugins should not interact with at all, for example a member area of a membership site with custom functionality.
Introducing this functionality would also make #37445 and #37446 unnecessary (two tickets I opened earlier).
I will add a patch as a proof-of-concept of what this could look like.",flixos90,9
30386,Keyboard user has to tab through all uploaded images to insert an image,afercia,Media,,normal,normal,Future Release,defect (bug),assigned,,2014-11-18T17:26:04Z,2016-11-14T17:44:38Z,"This is about the tab order in Add Media -> Insert media screen after uploading an image.
After uploading an image, a keyboard or screen reader user has to tab trough all the already uploaded images before she/he can insert the image into a post or page.
When there are many images it becomes almost undoable to insert an image.
An idea might be to add an extra submit button or to move the button in the tab order.",rianrietveld,7
30180,wp_get_attachment_image_src does not return alt or meta,joedolson*,Media,,normal,normal,4.8,enhancement,accepted,,2014-10-29T18:42:55Z,2016-11-14T17:34:56Z,"In practical use,wp_get_attachment_image_src is very useful for displaying an attached image - but requires a separate call to get any other image meta or the alt attribute.
In addition to making any application that needs alt attr or meta data for display simpler, having the alt attribute present in this function increases the likelihood that developers will use the alt attribute in their ultimate output.
",joedolson,11
38784,Set no_found_rows inside _WP_Editors::wp_link_query,,Editor,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-11-14T15:08:56Z,2016-11-14T15:08:56Z,"Since the `WP_Query` inside the `_WP_Editors::wp_link_query` is not taking advantage of `found_posts` nor of `max_num_pages`, not setting `no_found_rows` and thus triggering a SQL query with `SQL_CALC_FOUND_ROWS` does not feel right.
The extra queried information is not being used and forces the SQL query to scan much more rows than it needs to.",david.binda,
38782,Insert/Edit link scrolling triggers AJAX requests for both (recent and search) rivers,,Editor,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-11-14T14:57:00Z,2016-11-14T14:57:00Z,"I noticed quite a number of insert/edit link related SQL queries. When testing the feature, I have noticed that in case a search keywords is typed into the search field and user scrolls down the results, not only the search river related AJAX is made, but also a recent river triggers an AJAX request.
The behaviour currently looks this way:
1) opening the Insert/Edit link modal triggers following AJAX request:
action: wp-link-ajax
page: 1
2) putting in a keyword to search input triggers following AJAX request:
action: wp-link-ajax
page: 1
search: {keyword}
3) scrolling down the results of the search query produces two AJAX request:
action: wp-link-ajax
page: 2
and
action: wp-link-ajax
page: 2
search: {keyword}
4) as the search AJAX for page 2 returned `false`, scrolling up produces following AJAX only:
action: wp-link-ajax
page: 3
5) removing the keyword form the search input user is taken to the recent river which now already contains 4 pages of results
Since this behaviour is producing a lot of SQL queries with an increasing offset, those queries are getting slow with increasing dataset. Shouldn't the implementation be triggering AJAX requests for visible river only?",david.binda,
38442,Error when WP_Query parses orderby array in function parse_order,,Query,4.6.1,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2016-10-21T22:17:25Z,2016-11-14T14:34:46Z,"Example of query where I want to order by two custom fields in meta query
'''start_date_order''' and '''is_sticky'''
{{{#!php
true ,
'posts_per_page' => 4,
'post_type' => 'event',
'post_status' => 'publish',
'meta_query' => array(
'relation' => 'AND',
array(
'key' => 'start_date_order',
'type' => 'UNSIGNED',
),
array(
'key' => 'is_sticky',
'type' => 'UNSIGNED',
),
),
'orderby' => array(
'start_date_order' => 'DESC',
'is_sticky' => 'ASC',
),
);
$result_query = new WP_Query( $args );
echo $result_query->request;
}}}
The wrong SQL query generated is
{{{
SELECT wp_posts.ID
FROM wp_posts
INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id )
INNER JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id )
WHERE 1=1
AND (
wp_postmeta.meta_key = 'start_date_order'
AND mt1.meta_key = 'is_sticky'
)
AND wp_posts.post_type = 'event'
AND ((wp_posts.post_status = 'publish'))
GROUP BY wp_posts.ID
ORDER BY CAST(wp_postmeta.meta_value AS UNSIGNED) DESC
LIMIT 0, 3
}}}
The '$primary_meta_query' var in method parse_order( $order ) is set forever with the first item of '$meta_clauses' array
see line 2336 /wp-includes/query.php
{{{#!php
$messages ) {
foreach ( $messages as $message ) {
$error->add( $code, $message );
}
if ( $error_data = $error->get_error_data( $code ) ) {
$error->add_data( $error_data, $code );
}
}
}}}
While this multi-error feature isn't widely used, it's very helpful in the REST API, where multi-errors are natively supported via an `additional_errors` key in the error response.",rmccue,
38774,Date and time APIs for posts make wrong timezone assumptions,,Date/Time,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-11-13T20:05:37Z,2016-11-13T20:05:37Z,"WP doesn't store timezone information in ""main"" (non-GMT) post fields. Many of related APIs make a wide assumption that correct time zone is merely the one set in settings right now:
{{{#!php
> tab ancor | issue. Bad visual.,,TinyMCE,,normal,major,Awaiting Review,defect (bug),new,close,2016-09-21T12:52:35Z,2016-11-12T22:49:15Z,"In my Wordpress I have this page code:
Code has been pasted here:
http://pastebin.com/TfLaEK1n
IF I paste that code on GitHub ( https://github.com/tinymce/tinymce/issues/3199 ) or TinyMCE demo ( https://www.tinymce.com/docs/demo/basic-example/ ) the content is showed correctly, in my WordPress not.
Also in a clean WordPress Install the code is not showed correctly.
Please take look at this TinyMCE report here (closed because seems not a TinyMCE issue):
https://github.com/tinymce/tinymce/issues/3199
Can you solve this issue on WordPress as TinyMCE says is not an issue related to TinyMCE and WordPress without any plug in have issue?
Support topic on WordPress created here:
https://wordpress.org/support/topic/issue-tinymce-wrdpress-wrong-tab-ancor-content-on-wordpress/
All version of WordPress seems affected.
[[Image(https://cloud.githubusercontent.com/assets/5006150/18708646/41123ebe-7ffc-11e6-9b0d-f5bc67e5e3c7.png)]]
[[Image(https://cloud.githubusercontent.com/assets/5006150/18708657/4d16e994-7ffc-11e6-9389-dfbb4e4b369d.png)]]",peopleinside,9
38759,Accessibility glitch when editing an embedded video,joemcgill,Media,3.9,normal,normal,Future Release,defect (bug),reviewing,,2016-11-11T19:26:59Z,2016-11-11T22:34:50Z,"to reproduce: make a new page and enter video shortcode for embedding a video like
{{{
[video src=""https://www.youtube.com/watch?v=KF8bGYks-bk""]
}}}
in text mode. Switch to Visual Mode, click to edit the video.
Above the URL of the video will be an area (titled SRC) where you have a mouse pointer like if it was a link, but it isn't. See screenshot..
The label ""SRC"" is hardcoded in `\wp-includes\media-template.php` L.1044/1127
",Presskopp,5
38686,Incorrect fallback value for label_count when registering a custom post status,,"Posts, Post Types",,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-11-06T19:13:07Z,2016-11-11T20:40:11Z,"When registering a custom post status, the `label_count` argument falls back to an array of the label names if it's not provided. This is incorrect and causes PHP notices on the post listing screen because the post status label expects a nooped plural. It should fallback to calling `_n_noop()`.
Example code:
{{{
register_post_status( 'foo', [
'label' => 'Foo',
'show_in_admin_status_list' => true,
] );
}}}
PHP notices:
{{{
Undefined index: domain wp-includes/l10n.php:514
Undefined index: context wp-includes/l10n.php:517
Undefined index: singular wp-includes/l10n.php:520
Undefined index: plural wp-includes/l10n.php:520
}}}",johnbillion,2
38760,Capture result size in bytes when SAVEQUERIES is true,,Database,,normal,normal,Future Release,enhancement,new,,2016-11-11T19:49:44Z,2016-11-11T19:49:44Z,"Inside of `WP_DB::_do_query()`, it would be neat if `$this->result` was measured as size in bytes, so debugging tools had a better sense of how much data was running over the network.",danielbachhuber,
28033,post_categories_meta_box on non-hierarchical custom taxonomy,rufein,Taxonomy,3.9,normal,normal,Future Release,defect (bug),assigned,,2014-04-25T20:50:54Z,2016-11-11T19:32:09Z,"Slightly based on the work done in #14206
Using a non-hierarchical custom taxonomy in combination with meta_box_cb 'post_categories_meta_box'. Creates a new term with the id name of the selected term_id on submission. (See attached file)
First time added term ""Custom"", selected it
Published post. (It auto added the term ""207"")
Published post. (It auto added the term ""208"")",ByronicEntity,11
38628,Pasting an image URL inside for a shortcode unexpectedly displays the image,,TinyMCE,,normal,normal,Future Release,defect (bug),new,,2016-11-02T20:31:28Z,2016-11-11T19:16:18Z,"Given a shortcode in the TinyMCE like:
{{{
[image url=""""]
}}}
When I paste an image URL `http://example.org/image.jpg` inside of the `url=""""` attribute, I'd expect to see:
{{{
[image url=""http://example.org/image.jpg""]
}}}
Instead, I see the image URL expanded to its visual representation.
It seems like `smartInsertContent()` should be disabled when the selection is inside of a shortcode.",danielbachhuber,5
37646,Make wp-settings.php a series of do_actions(),,Bootstrap/Load,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-08-12T19:07:44Z,2016-11-11T17:43:54Z,"Now that #36819 is in, my master plan for `wp-settings.php` can begin.
----
'''Problem'''
`wp-settings.php` makes many assumptions, many on purpose, others by necessity, some on consequence, and a few by accident. It is somewhat poorly named for what it is, and it's a mishmash of globals, function calls, class instantiations, and do_action() calls.
----
'''Solution'''
`do_action()` all of the things.
Make `wp-settings.php` a series of action calls. One for setting versions, one for initial constants, one for environmental setup, translations, database, plugins, themes, users, template output, and so on...
Introduce a file named `wp-includes/default-actions.php` that serves 2 purposes:
* Includes a bunch of new functions that wrap up sections of what's already in `wp-settings.php`
* Hooks those new functions into the new actions in `wp-settings.php`
----
'''Why do we do this?'''
As more robust and sophisticated plugins, themes, APIs, and systems start to use, rely on, and bend WordPress to their will, the need to override more & more pieces becomes apparent. While WordPress comes with a very handy set of default post types, taxonomies, APIs, helpers, wrappers, and tools, it may be desirable to unhook (or never load) certain pieces so that other pieces can take their place.
In the past, this is done only with great intent, with strategic actions & filters in places where specific needs are being addressed. This is good in that it's predictable, but bad in that it's impossible for anyone to truly know what action or hook is *best* to perform any given subsequent action.
By breaking `wp-settings.php` up into many clearly named `do_action()` calls, it becomes clearly obvious what actions perform what duties, while also introducing literally maximum flexibility in the entire system for new and exciting things to happen around WordPress itself.
Imagine something like:
{{{
// Load versions
do_action( 'wp_settings_load_versions' );
// Load constants
do_action( 'wp_settings_load_constants' );
// Load translations
do_action( 'wp_settings_load_translations' );
// Load environment
do_action( 'wp_settings_load_environment' );
// Load early WordPress settings
do_action( 'wp_settings_load_early' );
// Load database
do_action( 'wp_settings_load_database' );
// and on, and on...
}}}
----
'''Epilogue'''
This is a huge idea, easily scoffed at, and introduces code-churn like whoa. It would mean doubling down on WordPress's actions API, trusting it implicitly to load all of WordPress's core pieces & parts. It would open many doors to many unforeseen oddities while developers start dissecting all the ways things are tied together. It would also enable really cool external tools, like REST API drop-ins that can `SHORTINIT` WordPress if auth is missing, or WP CLI commands that can `die()` literally anywhere in the stack after they've done what they need to do.
This is something I've wanted in WordPress since 2006 having seen similar in other libraries, and even old BackPress & bbPress gave nods and hints to back in the day.
I'm also happy to give this a first patch if it's helpful to see visually the destruction it causes, or guide someone else along my vision for this if someone is willing and able to see it through before I am. <3",johnjamesjacoby,8
38753,Publish / Update button should close the post / page edit and return to list,,Administration,4.6.1,normal,normal,Awaiting Review,enhancement,new,,2016-11-11T09:37:36Z,2016-11-11T17:25:09Z,"Hello
A very useful feature would be for the button Publish / Update to actually close the post / page edit and return to the list. A second button with Publish & Stay / Update & Stay next to the other one would do the trick for those who still want to make modifications on the post / page.
Something like this exists in many CMS and helps when there's a lot of pages / posts to edit",MariusM11,1
36514,posting with custom taxes,helen,Taxonomy,4.2,normal,normal,Future Release,defect (bug),reviewing,dev-feedback,2016-04-13T17:55:33Z,2016-11-11T16:58:15Z,"Sorry for my bad english.
Seems there is a bug in wp-admin/includes/post.php on line 348.
Need for use
{{{#!php
'include' => $term,
}}}
instead
{{{#!php
'name' => $term,
}}}
Now it causes errors when saving posts within custom non-hierarchical taxonomies - WordPress by mistake spontaneously creates new items which has names like id's cheked items.",hokku,15
38754,"Screen Options in post listing, image checkbox option is trigger in comments checkbox option",,Administration,4.6.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-11-11T10:19:22Z,2016-11-11T10:22:33Z,"In post list, when I check the image option in ""Screen Options"" nothing happen, just if comment is checheck. The imagem and comment is working with the same checkbox!",pesseba,1
15936,IPv6 literal support in multisite broken,,Permalinks,3.0,normal,major,Future Release,defect (bug),new,dev-feedback,2010-12-21T16:00:25Z,2016-11-11T10:13:34Z,"The logic for handling explicit port numbers in wp-includes/ms-settings.php is confused by IPv6 literal addresses in URLs as defined by RFC 2732.
It tries to handle the URL as it as if there were a port appended, but then fails to strip it off. Incidentally the error message here: 'Multisite only works without the port number in the URL.' is untrue, since ports are handled (but for only two particular cases, port 80 and 443).
The attached patch, against Wordpress 3.0.3, fixes both these issues, and allows ports other than 80 and 443 to be used with Wordpress, by just stripping off the trailing port rather than special-casing the two well-known ports, and not incorrectly detecting IPv6 literals as URLs with ports in. It also has the advantage of being much more compact.
It may be worth someone thinking through whether the substitution is strictly correct with reference to the URL standards, but I'm pretty sure that this is an improvement on the current code.
Thanks,
Dominic.",jmdh,11
38750,Split wp_signups into wp_user_signups and wp_blog_signups,,Login and Registration,3.0,normal,normal,Awaiting Review,feature request,new,needs-unit-tests,2016-11-10T19:07:00Z,2016-11-11T08:27:53Z,"Right now, `wp_signups` (and the entire related API) does double-duty. It's 1 database table that's used for both users & blogs, but there are a few issues with this approach:
* Open sign-ups may or may not include ability to create sites
* There is no UI for managing sign-ups in WordPress core
* Sign-ups are different between singlesite & multi-site
* Plugins like BuddyPress do their best to include and/or work-around WordPress's core functionality, but end up writing a ton of additional code to manage this
* Other membership plugins are forced to roll their own approach every single time
* It's possible for multisite sign-up race conditions to exist, with users & sites created or activated from underneath each other (documented in `wpmu_activate_signup()`)
I'm adding the multisite focus to this issue, because all of the current code is only relevant to multisite, but I'd like to see single-site inherit whatever future approach we can come up with.
The core sign-ups code, stinks. Yet open registration is part of what makes WordPress & community/membership sites great. I think it would be great to take what we've learned from BuddyPress, WordPress.org, WordPress.com, and the bevy of Membership plugins, and make a great sign-up component/API for WordPress core.",johnjamesjacoby,2
34414,Add extra item fields to exported WXR file,,Export,4.4,normal,normal,Future Release,feature request,new,dev-feedback,2015-10-23T12:01:43Z,2016-11-11T08:16:47Z,"Hello
I am one of WPML developers. WPML is plugin which allows user to make multilingual sites, set language information to posts etc.
Straight to the point: we want to make it available to add to exported posts/pages an information about their language. Language information is stored in our own tables, so we cannot use existing WXR elements like those for taxonomies or custom fields.
It would be perfect if before closing tag would be executed hookable action which will echo those additional elements, coming from plugins such our.
I am attaching proposed patch.
Example of usage:
{{{
add_action('wxr_export_item_extra_fields', 'here_wxr_export_item_extra_fields');
function here_wxr_export_item_extra_fields($post) {
echo """";
}
}}}
",kkarpieszuk,5
38721,Remove introduced uses of unescaped HTML from function/parameter/hook descriptions.,DrewAPicture*,General,4.6.1,normal,trivial,Awaiting Review,defect (bug),accepted,has-patch,2016-11-08T23:19:37Z,2016-11-11T05:36:57Z,"#30473 culminated in [30546] for 4.1 to remove use of unescaped HTML tags (ideally referring to them by name, otherwise escaping them if they should be shown literally as an example) in function and parameter and hook descriptions. A few commits since then have introduced HTML tags that should be removed.
* [25584] introduced documentation for the 'comment_form' action and introduced `` in the hook description.
* [31699] added `$title_reply_before` and `$title_reply_after` as accepts `$args` values to `comment_form()` with default values containing HTML that is not marked as code in backticks.
* [34243] added `

` and `

` as defaults for `$before` and `$after` (respectively) to `$args` of `wp_page_menu()`.
* [34308] added `$submit_button` and `$submit_field` as accepts `$args` values to `comment_form()` with default values containing HTML that is not marked as code in backticks.
* [34903] added `` to function summary for `wp_oembed_add_discovery_links()`.
* [34903] also added `` to the description for the new `embed_head` hook.
* [36135] introduced the param documentation for the `$separator` option of `$args` for `wp_list_categories()` with an unescapted HTML default value of ``.
* [36993] added ‘’ and ‘’ to @param description for `$in_footer` arg for `wp_register_script()` and `wp_enqueue_script()`.
* [37465] introduced the `$required` hash param to `wp_dropdown_categories()` with `

`
There's no easy way to remove or filter this mark up. In my case this `div` isn't needed.",henry.wright,2
23578,URLs wrapped in <> parsed as HTML when wp_mail_content_type set to text/html,,Mail,3.1,normal,normal,Awaiting Review,defect (bug),new,has-patch,2013-02-21T17:04:34Z,2016-11-02T00:45:31Z,"[16285] wrapped the password-reset URL in the e-mail sent from retrieve_password() in greater-than/less-than signs in order to prevent it from breaking when line wrapped (see #14140). That has the side-effect of causing the URL to be parsed as HTML by the mail client when the message's content-type is set to text/html via the wp_mail_content_type filter. I don't see any other places in Core where this happens.
Using wp_mail_content_type to enable HTML e-mails is a common technique documented on the Codex and across the Web. Is it considered a bad practice to enable it globally -- as opposed to adding it before calling wp_mail(), then removing it after; or just setting the content type in the $headers param of wp_mail()? If so, we should document that on the Codex and possibly in wp_mail() where the filter is applied.
Even if it is, I don't think it'd hurt to have retrieve_password() check the content-type and behave accordingly. If it's ""text/html"", then create a proper link; otherwise wrap the URL in greater-than/less-than signs.
If everyone agrees on that approach, I'll submit a patch.",iandunn,14
23432,"Review usage of target=""_blank"" in the admin",rianrietveld,Administration,3.2,normal,normal,Future Release,task (blessed),assigned,,2013-02-09T15:26:25Z,2016-11-01T23:03:54Z,"Some links in the Setting Pages (General, Discussion, Permalink) pages open in same window, which sometime can be awful. [[BR]]
While the users can press cmd/ctrl + click and click the link to open it in new tab but If the user does not open the link in new window, options (which are not saved) will be lost and one have to go through them again.[[BR]]
Also links in the Edit Profile page and all the links in the help tab open in new window except a few.(so it is possible that users may just click it thinking them to alike other links which open in new window)[[BR]]
So a consistency will be there and ux can be a little better.",theadityajain,44
38611,Clarify why get_post_format_slugs() calls array_combine(),,Post Formats,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-11-01T19:27:35Z,2016-11-01T21:49:43Z,Discovered from #38610,danielbachhuber,2
37865,Allow using the `$network_id` parameter of `get_blog_count()` again,,Networks and Sites,3.7,normal,normal,Future Release,enhancement,new,has-patch,2016-08-29T15:14:11Z,2016-11-01T19:52:21Z,"The `$network_id` parameter of `get_blog_count()` has not been used since 3.1, and was officially deprecated in [changeset:25113]. When looking at the history, it appears that this was done to be able to fully rely on `get_site_option()` which does not support passing a network ID.
However, now we have `get_network_option()` which _does_ support a network ID, so I think we should un-deprecate this parameter and make use of it again (is that possible?).",flixos90,4
37971,Menus screen: improve the responsive view,,Menus,,normal,normal,Awaiting Review,defect (bug),new,,2016-09-07T17:30:27Z,2016-11-01T19:18:26Z,"Noticed while working on #37969, the responsive view of the Menus screen needs some improvements. Not sure if there's already a specific ticket (haven't found one).
Some CSS rules used in this screen work just in the ""Desktop"" view: 100% widths+margins, some floats, the `13em` spacing between menu item titles and controls and probably more stuff need to be reset/adjusted.
Not sure it nesting the menu items can work on very small displays, probably needs a different approach. Any thoughts welcome!
[[Image(https://cldup.com/qvBPJULT7f.png)]]",afercia,3
37893,Implementation of is_registered_sidebar() doesn't match its documented signature,welcher,Widgets,4.4,normal,normal,Awaiting Review,defect (bug),assigned,,2016-08-31T11:26:35Z,2016-11-01T17:02:50Z,"Function `is_registered_sidebar()` was added in release 4.4 but the documentation for its function signature was changed after the initial commit and now no longer matches the implementation (see #24878).
The implementation of the function requires the string kind of sidebar ""id"" and will not accept a numeric ""id"" which would first need converting to a string of the form ""sidebar-$id"".
The simplest fix would be to just change the documentation, but if this function is considered useful for themes/plugins (as I suspect it is), additional code would be needed to convert a numeric parameter appropriately (see the beginning of existing function `is_active_sidebar()` for example).
If this code change is applied, then for consistency a similar change should probably be made to function `unregister_sidebar()` which also only accepts a string sidebar ""id"" and confusingly refers to it as the ""name"" (this more properly refers to the displayable name/title for the sidebar).
Suggested patch incoming, although in the patch I didn't rename the parameter to `unregister_sidebar()` as I'm not sure whether there are any backwards-compability issue with that.",mdgl,11
29299,Plural forms not available for some strings,SergeyBiryukov,Text Changes,,normal,normal,Future Release,defect (bug),reviewing,dev-feedback,2014-08-21T09:55:42Z,2016-11-01T14:57:31Z,"There are several strings which do not allow specific plurals in Settings - Reading.
``
``
It looks strange when somebody inserts for example number 4 and our plural form is translated only for number 5.
Best solution would be probably some kind of string ""Number of posts on page"" (without ending ""posts"" string). But I am not sure about it...
See: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options-reading.php#L126",pavelevap,13
11515,Admin needs standardized way of handling messages (notices) displayed to the user,,Administration,3.0,normal,normal,Future Release,enhancement,new,,2009-12-19T19:53:03Z,2016-11-01T14:39:43Z,"If you try to upload a media item under Media > Add new without an uploads directory, you get the following vague error message:
{{{
Error saving media attachment.
}}}
If you try instead to upload from the post edit page, you get a much more helpful message:
{{{
Unable to create directory /path/wp-content/uploads. Is its parent directory writable by the server?
}}}
In each case, the root error is the same, but the second error message points the way to a solution. Even if the user doesn't know herself what that message means, it's a message that provides the necessary information to someone else who does and is trying to help the user. The first message is completely useless, as it states only what we already know: something went wrong.
The reason Media > Add new doesn't offer a helpful message is that the error is generated on one page request, and ''then'' the user is redirected to another page.
We need a standard, cross-page-load way of conveying messages in admin.
I've thought of a few possible ways of doing this:
* Define and use a standardized set of error codes and associated error messages. This is similar to what happens currently on many pages: the unhelpful ""Error saving media attachment."" appears when the message argument is set to ""3."" What I'm suggesting would use a common set of message codes across the admin and be much more detailed. So the above situation would instead produce a message like ""Unable to create the uploads directory.""
* Save error messages to a cookie. Unlike the previous method, this would allow messages to be made particular to their event.
* Have some kind of user messaging stack. New messages would be pushed into a user's stack (stored in usermeta) and popped off after a certain time, or when read, etc. This has the advantage of lasting across sessions and browsers and being usable for other applications, such as PMs between users.
What do you think?",filosofo,22
38595,Unable to access wp-admin/options-permalink.php when .htaccess file is on NFS,,Permalinks,4.4,normal,normal,Awaiting Review,defect (bug),new,,2016-10-31T19:03:14Z,2016-11-01T14:11:50Z,"After nearly a week of troubleshooting, we have identified an issue with wordpress which is preventing us from storing our .htaccess file on an NFS mount.
This issue exists as far back as 4.4
In order to reproduce:
install wordpress in a directory where .htaccess is located on a mounted nfs share. Once wordpress is installed, navigate to yoursite.com/wp-admin/options-permalink.php - the page should fail to load.
This issue appears to be caused by the function ""flock();"" in the function ""insert_with_markers();"" in wp-admin/includes/misc.php
Per PHPs documentation, flock(); is only acceptable for use on local filesystems.
I found an existing ticket regarding this function - #31767 - if I understand correctly, flock(); was added to the ""insert_with_markers(); function to resolve a concurrent write issue on shared filesystems.
Disclaimer: I am not a PHP developer, and only understand the basic concepts. The testing for the above bug consisted of commenting out functions till I could find the source of the issue. Commenting out the ""flock();"" function in the ""insert_with_markers();"" function resolved the issue in our environment.",kicwordpress,2
38332,"""Cheating"" message insults; needs changing",,General,2.9,normal,normal,Future Release,enhancement,reopened,,2016-10-17T14:08:04Z,2016-11-01T12:57:13Z,"""Cheating"" is regarded as dishonest. Calling someone a cheat is hurtful if the accusation is not true.
I develop with WordPress on my local machine. When I'm working on a WordPress problem I leave all my server and browser sessions open for hours at a time (and overnight), so that I can pick up where I left off.
Once a day, I get the message ""Cheating, are we?"" (in en-GB; in en-US it's ""Cheatin' uh?""), as WordPress automatically logs me out.
It never ceases to annoy me to be unjustly accused of something I am not doing.
I would also bet that only a tiny minority of users are wilfully being dishonest when they get this message. Most will have got there by mistake or -- as in my case -- by WordPress design.
It's a shame that a program that I like and respect treats its users this way. It's also a shame that it doesn't take the opportunity to explain what the message really means (by including, for example, something like ""you've been automatically logged off"") though I realise that the message may occur in many contexts.
How about at least changing it to something less insulting?
I would propose:
> ""I'm sorry USERNAME, I'm afraid I can't do that"".
This would:
- Remove the insult;
- Brighten our days by paying homage to a great film (RIP Stanley Kubrick);
- Maintain a witty sense about it -- which I'm sure was the original intention with ""Cheatin'"";
- Imply humility, as it subtly acknowledges that the refusal may be unreasonable.",ElectricFeet,11
27421,Escape madness in meta API,,"Options, Meta APIs",3.8.1,normal,normal,Awaiting Review,defect (bug),reopened,has-patch,2014-03-15T16:20:46Z,2016-11-01T11:18:21Z,"I was trying to come up with a reasonably sane wrapper around the WP meta API so as to no longer need to call it directly, and I'm somewhat bemused by the slashing insanity in there...
As I read through the code:
- get_post_meta() expects key and value to be unslashed
- add_post_meta(), update_post_meta() and delete_post_meta() expect key and value to be slashed
- WP uses wp_unslash() to strip slashes in add_metadata(), update_metadata(), and delete_metadata()
- the codex suggests to use wp_slash() to add slashes before storing data
This could all work in the best of worlds, but then:
1. the codex is mysteriously silent on the need to slash keys as well
2. wp_unslash() will dutifully unslash objects, but wp_slash() doesn't slash them to begin with
3. wp_slash() and wp_unslash() would not be able to slash private variables (short of using Reflection, perhaps) even if they wanted to
4. wp_slash() and wp_unslash() will not bother processing array keys that could have been sent from e.g. a POST request.
Admittedly, it's not every day where $_REQUEST keys are inserted as is the database, so there's likely little room for SQL injections with respect to that last point, and array keys are typically without slashes, leaving little room for quirky keys that lose their slashes while getting stored.
Still, I'm left scratching my head as to if/when we'll actually allow objects to get stored using the meta API without running the risk of seeing their data unslashed at arbitrary points in time.",Denis-de-Bernardy,5
31647,zxcvbn.js is old,,External Libraries,4.6.1,normal,normal,Future Release,enhancement,new,,2015-03-15T18:38:01Z,2016-11-01T07:56:46Z,"wp-includes/js/zxcvbn.min.js is version 1.0 and rather old.
I don't know about other issues but it contains an invalid (""blah-blah"") dictionary. For example:
{{{#!js
o(""male_names"",r(""wnzrf,wbua,eboreg,zvpunry,jvyyvnz,qnivq,evpuneq,puneyrf,...""))
}}}
See https://github.com/dropbox/zxcvbn/blob/master/zxcvbn.js for an up-to-date version.",muranyia,3
38599,Allow verbose rewrite rules with custom post types,,Permalinks,,normal,normal,Awaiting Review,enhancement,new,,2016-11-01T00:08:41Z,2016-11-01T00:08:41Z,"Every time I create a custom post type (say, Book) I invariably want a structure like this:
/books/ - static page where I can write all sorts of overview content with all of the formatting provided by the theme's page template (not a basic post type archive)
/books/book-1/
/books/book-2/ - custom post type permalinks
This is possible by using a rewrite slug of books.
However, if someone then creates a subpage of books, they'll get a 404 error, full stop.
This has been around a long time, and many workarounds have been provided in trying to get verbose rules triggered, such as: https://gist.github.com/mattberridge/2960966
Rewrite rules underwent some major changes a while ago for improved performance (to get %postname% permastructures working well, then there were pretty attachment URLs, etc), which results in these workarounds no longer working. (Custom post type rules get inserted at a place which isn't easy to reorder and conflicts with other rules).
Instead, I have to keep using unique prefixes which make things look messy and confusing to visitors:
/books/
/book/book-1/ (even though there is no /book/ page on my site)
Having a nicer structure seems like a very common use case (especially given the number of search results you'll find about workarounds).
I'd like to suggest allowing custom post types to trigger verbose rules in a way that will work.",smerriman,
37411,Add more formats to wp_maybe_decline_date(),SergeyBiryukov*,Date/Time,4.4,normal,normal,Future Release,defect (bug),accepted,needs-unit-tests,2016-07-19T15:28:48Z,2016-10-31T21:19:40Z,"In some themes, date format is not localized (see an [https://themes.trac.wordpress.org/browser/sadakalo/1.7.0/content.php?marks=13#L9 example] in Sadakalo theme).
Formats like `'F jS Y'` don't make a lot of sense for languages with declensions, which generally use `'j F Y'` (where F requires genitive case).
We could improve the situation by adding more formats to `wp_maybe_decline_date()` introduced in #11226.",SergeyBiryukov,9
38598,Problem with database during update,,Database,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-31T21:18:17Z,2016-10-31T21:18:17Z,"After update to new Wordpress version 4.6.1 I have to import old database using myphpadmin. I made it and then Wordpress monit me it should to update database. Update database causing problem with no ""auto increment"" option for comments, post, etc. This made wordpress unusable - user cannot add any post, comment or other record to database.",marekrz,
16483,Visibility: password-protected exposes multiple pages,,Security,3.0.4,normal,normal,Future Release,defect (bug),new,dev-feedback,2011-02-07T19:02:15Z,2016-10-31T21:16:53Z,"1. password protect a page ('protected') with a password
2. password protect another page ('thistoo') with the SAME password
3. visit 'protected' and enter the password. Page is visible
4. visit 'thistoo'; expected: prompt for password. What happens: Page is visible
Regardless of whether someone with a password has the right to try it in as many pages as they want (and would therefore successfully see the page if the passwords were the same), the user should still be prompted on a page-by-page basis. Global authentication to multiple pages is possible with user accounts and roles. It should not be possible with visibility: password-protected pages.",monkeyhouse,27
38596,Preview Change button does not reflect Custom Page Template,,General,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-31T20:08:55Z,2016-10-31T20:08:55Z,"When creating 2 or more custom page templates, the Preview Change button is failing to show the correct template after making a switch. Here are steps below.
- Create 2 custom page templates in code.
- Go to wp-admin and go to Pages
- Either use the Sample that ships with WordPress or create a new page
- Within page edit mode, under Page Attributes, select a different page template.
- Click Preview Change.
- You will notice that the preview does not reflect the correct template. You have to push Update in order to see it.
",blackawxs,
37555,A post with a long title goes out of bounds,,Administration,4.5.3,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-08-03T17:47:12Z,2016-10-31T18:58:11Z,"When creating a post with a very long title, the activity in the dashboard goes out of order.",vimukthiperera,3
38310,"Improve ""wp_update_term"" documentation",,Taxonomy,4.7,normal,normal,Future Release,enhancement,new,dev-feedback,2016-10-14T10:10:06Z,2016-10-31T16:31:19Z,"Hi all,
When using the wp_update_term function and reading through its inline docs, it struck me that some part of the inline docs is kind of vague (highly subjective, I know).
I will add a patch with a proposal for a more specific inline docs.
Thanks,
Ruud",ruud@…,5
38591,Filter for languages select on profile-page,,Users,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-31T12:54:54Z,2016-10-31T14:54:27Z,"It would be great to have a filter on the user's profile page to edit the languages select.
This would come in handy - for example to allow only a selection of languages for different blogs in multi-site environments or to suppress the language select at all.
Patch is attached.",neoxx,3
27722,Don't fire a warning when the WP API timeouts — or do so properly.,johnbillion*,Upgrade/Install,3.7.1,normal,normal,Future Release,defect (bug),accepted,,2014-04-08T12:29:43Z,2016-10-31T14:41:42Z,"At the time of writing, I'm systematically getting the following error from within the WP admin area's update core section:
{{{
An unexpected error occurred. Something may be wrong with WordPress.org or this server's configuration.
}}}
Two things bother me:
1. It only fires when SSL is used.
2. The raw_response content suggests a connection timeout.
I think the warning itself is of dubious merit. If we decide to keep it, it should be more explicit as to what is going on. And it should always fire, regardless of whether SSL is getting used or not…
A possible exception I'd make is when it's a request timeout — in that case WP should silently try again a few minutes later — without a warning or notice.",Denis-de-Bernardy,9
36561,Deprecated notices should be classified as such.,,General,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-04-17T11:16:42Z,2016-10-31T07:21:39Z,"All errors triggers should be classified with the appropriate error level.
Most notably, the `_deprecated_function()`/`_deprecated_constructor()`/`_deprecated_file()`/`_deprecated_argument()`/`_doing_it_wrong()` function do not pass an appropriate error level to `trigger_error()`.
For the deprecated function group, the most appropriate level seems to be `E_USER_DEPRECATED` which was introduced in PHP 5.3.0.
For `_doing_it_wrong()` an `E_USER_NOTICE` (or `E_USER_WARNING`) seems more appropriate.
Fixed in the accompanying patch.
For backward compatibility with PHP 5.2, a define for `E_USER_DEPRECATED` has been added to `wp-includes/compat.php` which follows the same logic as used in SimplePie for consistency:
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-simplepie.php#L699
",jrf,4
36341,Add a note about the 'init' hook to the DocBlock for get_current_user_id(),,Users,,normal,normal,Future Release,defect (bug),assigned,has-patch,2016-03-25T22:47:15Z,2016-10-31T06:48:53Z,,DrewAPicture,12
21022,Allow bcrypt to be enabled via filter for pass hashing,,Security,3.4,normal,normal,Future Release,enhancement,new,dev-feedback,2012-06-20T01:34:26Z,2016-10-31T01:56:20Z,"Hi,
following recent discussions on password security and how to best prevent any hackers can leverage password table they might have got I looked into the phpass used for WordPress.
While I in principle understand why WordPress uses the compatibility mode of it, I would like to see some flexibility for those who don't need the compatibility.
Thus I would propose to change in wp-includes/pluggable.php all occurances of
$wp_hasher = new PasswordHash(8, true);
to
$wp_hasher = new PasswordHash(8, apply_filters('phpass_compatibility_mode', true));
This would allow users to easily change via plugin from the ""not so secure"" compatibility mode (only salted MD5) of phpass to a more secure setting (bcrypt) in case no compatibility with other applications is required.
The plugin changing the encryption methog could then as easy as
function phpass_bcrypt() {
return false;
}
add_filter('phpass_compatibility_mode', 'phpass_bcrypt');",th23,71
36212,Empty menu items are deleted without warning,,Menus,,normal,normal,Awaiting Review,defect (bug),new,,2016-03-12T01:21:43Z,2016-10-31T01:41:23Z,"I recently discovered that menu items with with an empty label are deleted from the menu upon save without any warning or notice. The particular situation was that I was adding a menu with an icon font for the items, so the labels were empty but had classes. Obviously a HTML comment can be used in this instance, but there should be some way to either communicate with the user that items with an empty label will be removed, disable saving of a menu with empty labels, or some way to handle empty labels without deleting the item.",cameronjonesweb,1
32367,Nav menu attribute unit tests,,Menus,,normal,normal,Future Release,enhancement,assigned,needs-unit-tests,2015-05-13T03:11:10Z,2016-10-31T01:36:57Z,"I'll be introducing unit tests for nav menu attributes; primarily for class names on menu items.
This will allow us to investigate and hopefully fix the following tickets:
* #17077
* #20325
* #23902
* #23908
* #31360
* #32221
Other relevant closed tickets:
* #19125
* #19699
* #20191
* #20483
* #23834
* #24137
",johnbillion,11
38583,Support for objects in schema validation and sanitization,,REST API,,normal,normal,Future Release,defect (bug),new,,2016-10-31T01:04:32Z,2016-10-31T01:04:32Z,"Follow-up on #38531 and support sanitizing and validating objects with our schema. This would allow our Meta and Settings endpoints to accept non-scalar values.
See https://github.com/WP-API/WP-API/issues/2859
",rachelbaker,
38238,Sorting a list table by some kind of count should default to DESC initially,helen,Administration,,normal,normal,Awaiting Review,enhancement,reviewing,needs-unit-tests,2016-10-05T21:32:01Z,2016-10-31T00:21:11Z,"List tables that can be sorted by some kind of count (posts with that term, comments on that post, etc.) should likely use `DESC` for that sort initially, as more frequent user workflows involve wanting to see things with many X (popularity/usage), as opposed to items with no X (cleanup). For example, you may want to see which categories are most popular (related: #36964) or which posts have generated a lot of comments.
Should also consider how sortable custom columns indicate whether to use `ASC` or `DESC` initially.",helen,5
33017,Images displayed with page.php instead of index.php,,Themes,,normal,normal,Awaiting Review,defect (bug),reopened,needs-unit-tests,2015-07-16T15:04:19Z,2016-10-31T00:17:07Z,"I am developing a theme and currently do not have an `attachment.php` or a `single.php`. When I insert an unattached image into a post and select ""Link to: Attachment Page"", I expect the image to be displayed with `index.php` according to the template hierarchy [https://developer.wordpress.org/files/2014/10/wp-template-hierarchy.jpg]. However, the attachment page is displayed with the `page.php` tempalte instead, and the URL is under my static front page.
The issue does not show up with images attached to the post.",creon,6
38179,Update $allowedentitynames with HTML5 entities,,Formatting,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2016-09-28T08:34:44Z,2016-10-30T23:47:02Z,"Hello,
Can we please update $allowedentitynames with HTML5 entities, so that they can be used within the escape functions and work properly!
Thanks.",dashaluna,1
38581,Media uploads fail after session expiration,,Upload,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-30T23:28:27Z,2016-10-30T23:28:27Z,"On occasion, I write fairly long blog posts in WordPress that can take some time to research and put together. I've noticed that after a session expiration, I am not able to use the media uploader to add images/files to my post '''unless''' I refresh the editor, either by using my browser's Refresh functionality or by clicking the Save Draft button. I could see how a novice user could get very frustrated in this sort of situation, not knowing how to get beyond the error.
'''Steps to reproduce'''
* On a WordPress site (for testing purposes) [https://wordpress.org/plugins/login-security-solution/ use a plugin like Login Security Solution] to decrease the idle timeout to something short, like two minutes. (This negates having to wait for hours for the default inactivity limit to be reached).
* Open the post editor and begin creating a post.
* After logging back in when prompted, try to upload an image or other file using either the ""Add Media"" button or the Set featured image link.
* Watch the upload fail with the cryptic message ""HTTP Error"". (Uploading ... Filename.png ... HTTP error.) The user cannot ascertain from this error why the upload failed.
Trying the upload again will result in the same error every time. The media uploader will not work until the editor screen has been reloaded in the browser.
",avcascade,
19739,Filters to allow comments on draft & trash post_status posts,,Comments,3.3,normal,normal,Future Release,enhancement,new,has-patch,2012-01-04T19:01:18Z,2016-10-30T21:23:43Z,"I'd like to use comments on draft posts as part of an editorial workflow. Will this be as easy as adding a filter to fire before the current comment_on_draft action that can be checked before exiting? I'll try that and add a patch if it looks good.
Related #13276. Not relevant to #18630, I think.",cyberhobo,13
33167,Reset password screen lacks the Hide button and Confirm use of weak password checkbox,adamsilverstein,Login and Registration,4.3,normal,normal,Future Release,defect (bug),assigned,has-patch,2015-07-29T01:36:22Z,2016-10-30T16:50:37Z,"When resetting my password, the ""Hide"" button isn't available, and the ""Confirm use of weak password"" checkbox isn't shown if I enter a weak password.
[[Image(https://i.imgur.com/52BGcEM.png)]]",johnbillion,15
38566,Dashicon font is rejected by Firefox,,Customize,4.5,normal,normal,Future Release,defect (bug),new,,2016-10-30T07:58:28Z,2016-10-30T14:32:26Z,"When loading up the customizer (independent of which theme is used), Firefox complains about the dashicon font being used as it is rejected by their sanitizer.
The exact error output from Firefox
{{{
downloadable font: rejected by sanitizer (font-family: ""dashicons"" style:normal weight:normal stretch:normal src index:0) source: http://192.168.1.4/wp_vanilla/wp-includes/fonts/dashicons.eot
}}}
My test site is at `http://192.168.1.4/wp_vanilla/` in the above example.
It is being triggered at `dashicons.css:1:12`, this only occurs in the customizer, anywhere else using dashicons in the admin appears fine.",Clorith,1
37934,Separate account settings and profile settings,,Users,,normal,normal,Awaiting Review,enhancement,new,,2016-09-03T13:36:41Z,2016-10-30T11:57:40Z,"Current limitations of profile management in WordPress:
On `wp-admin/profile.php` there's too much you can do:
* Change personal preferences
* Account and session management
* Update publicly visible profile data
If plugins add additional fields to that page, it gets very long quite quickly. Even without plugins you have to scroll all the way down to change your password. Pretty sure you change your password more often than disabling the visual editor, so that order isn't ideal.
Idea:
Separate account management and profile settings. Platforms like WordPress.com, Facebook or Twitter do this for a reason.
This was recently mentioned in a discussion about adding 2FA to core, see https://wordpress.slack.com/archives/core/p1470765550002658.
The plugin I mentioned there: https://wordpress.org/plugins/wp-user-profiles/
Slightly related: #26769.
Account management:
* Change backend preferences
* Change email address
* Change password
* Log out everywhere else (perhaps with a session overview in the future as was originally the plan)
Profile management:
* Show/change profile picture
* Change biographical info like name, contact methods",swissspidy,2
31518,WP_User::has_cap and 'map_meta_cap' filter,johnbillion*,Role/Capability,2.0,normal,normal,Future Release,defect (bug),accepted,early,2015-03-03T20:34:51Z,2016-10-30T11:45:26Z,"{{{
add_filter('map_meta_cap', function(){return array();}, 1,0 ); //posts WHERE to_ping <> '' AND post_status = 'publish'
Performance monitor tool (new relic) has flagged this has a bad query. It said the following
This table was retrieved with a full table scan, which is often quite bad for performance, unless you only retrieve a few rows.
The table was retrieved with this index:
No index was used in this part of the query.
You can speed up this query by querying only fields that are within the index. Or you can create an index that includes every field in your query, including the primary key.
Approximately 114860 rows of this table were scanned.
I don't understand why this call isn't going through the wp query object. If it did you could then cache the result. ",spacedmonkey,20
36576,Split do_all_pings,dshanske,Pings/Trackbacks,2.1,normal,trivial,Future Release,enhancement,assigned,,2016-04-18T14:39:34Z,2016-10-29T19:22:17Z,"do_all_pings is a function that does pingbacks, trackbacks, enclosures, and updates. It is attached to a hook called do_pings.
Suggesting that the function be broken into individual pieces and those pieces attached in priority order to the same hook.
This would allow the specific removal/replacement of one of more services. ",dshanske,
31384,Pingback does not work for schemeless URLs,,Pings/Trackbacks,1.5,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2015-02-19T17:03:29Z,2016-10-29T19:20:41Z,"I noticed that a pingback will not be send if the target URL is given as a schemeless URL (like {{{//www.example.com/path/file.ext}}}.
This is because discover_pingback_server_uri() in comment.php is using the PHP function parse_url() which cannot handle schemeless URLs correctly.",tobiaskochsonlinenet,5
35435,Support Webmentions,,Pings/Trackbacks,,normal,normal,Future Release,feature request,new,needs-unit-tests,2016-01-13T05:25:25Z,2016-10-29T17:43:22Z,"Webmention have been released as a public working draft as of today. https://www.w3.org/TR/2016/WD-webmention-20160112/ . Previous linkback protocols(trackback and pingback) did not achieve this status.
The Webmention is a simplified evolution of the Pingback. It drops XML-RPC in favor of simple form encoding. The recommendation calls for asynchronous processing to prevent DoS attacks.
There is already a webmention plugin for WordPress in the repository. https://wordpress.org/plugins/webmention/ and a feature plugin could be developed for merging into core.
Trackbacks and Pingbacks both have their unique problems. The idea of linkbacks in general remains a good one, spoiled by less robust implementations. To go to the logical extreme, suggesting that adoption of webmentions be concurrent with the disabling by default of the earlier and less secure protocols.
Finally, no feature should be adopted in WordPress unless it has users...the pingback implementation in WordPress displays pingbacks in a way that does not convey useful meaning.
Current implementations of Webmention parse the HTML to generate a comment or other richer forms of response that are more useful to a site than what is currently available.",dshanske,2
37754,Support Receiving Pings for Non Post-Type Permalinks,,Pings/Trackbacks,1.0,normal,normal,Future Release,enhancement,new,,2016-08-20T23:57:21Z,2016-10-29T17:38:02Z,"Related: #2700
Ten years ago, it was proposed that the ability to ping the homepage(often linked in the author_url of a comment).
After a year, the issue was closed and turned over as a plugin issue. While the idea of pinging comments is certainly one that can be added as a plugin, the infrastructure to support receipt on arbitrary pages is not.
This enhancement is specifically about making it possible for Core or a plugin to receive and direct these pingbacks, separate from the issue of what to do with them once received.
After the changes are made, that could be explored as plugin territory. However, the only way to do this now is to completely replace the pingback handler with a custom one.
Probably the easiest way to do this is to expand url_to_postid to allow it to return an arbitrary post_ID(using a filter) if it detects that the URL in question is a valid URL on the site, but does not refer to a post_type.
",dshanske,
32510,"Add HTML5 ""required"" attributes to the login form",,Login and Registration,2.1,normal,normal,Future Release,enhancement,new,has-patch,2015-05-27T18:00:49Z,2016-10-29T14:11:57Z,"Hi evety one,
Today i try to login to WordPress dashboard and i knowed if i don`t write any thing in the input of username or password and then show message login error, I think if we add html5 tag ""required"" to the inputs of forms to validate the input labels not empty it is better for server and WordPress.
An also add feature to allow users and admins login by emails and add ""type=""email"" required for login form.
And add feature to allow users to change admin dashboard design, like virtual menu, insert of customized code e.g #cd2122 by users
At end add stat menu to admin panel and show how many times WordPress up-time proudly, how many users, comments, plugins, alexa rank and etc
An also add Better WordPress menu that has 2 sub menu, one for security of WordPress like plugins and 2nd Performance and speed of site e.g minifity css and js and etc
Also add menu to seo features of core WordPress like add social icons to bottom of posts to allow visitor to share posts or add https://developers.google.com/structured-data/testing-tool/ codes to seo WordPress Sites.
This feature available by the plugins but if in core WordPress is better and faster and structure of WordPress is better.
Best regards,
Milad Shahi",aznadesign,6
38560,media_handle_upload() can't handle arrayed $_FILES,,Media,,normal,normal,Awaiting Review,defect (bug),new,,2016-10-29T13:11:24Z,2016-10-29T14:00:50Z,"When you have form code that references [several file uploads](http://php.net/manual/en/features.file-upload.multiple.php) as array, the media_handle_upload() function fails to handle this.
For example this:
{{{
}}}
Will result in a $_FILES array that's creates subarrays shaped like so:
{{{
$_FILES['userfile']['name'][0]
$_FILES['userfile']['name'][1]
$_FILES['userfile']['tmp_name'][0]
$_FILES['userfile']['tmp_name'][1]
$_FILES['userfile']['size'][0]
$_FILES['userfile']['size'][1]
$_FILES['userfile']['type'][0]
$_FILES['userfile']['type'][1]
}}}
This will fail when passed to media_handle_upload, since [https://core.trac.wordpress.org/browser/tags/4.5.3/src/wp-admin/includes/media.php#L281 the implementation does not handle this array structure] nor is this documented.",kontur,1
38368,Add front-end revision browsing,,Revisions,,normal,normal,Awaiting Review,enhancement,new,,2016-10-19T16:17:04Z,2016-10-29T13:05:19Z,"This patch will add a live-updating revision browser to single post view when the current user can edit posts.
This feature requires the post and post revision routes of the WordPress REST API, as well as the JavaScript client for the REST API.
Here is demo of this patch:
[[Image(https://github.com/Shelob9/revisions-browser/blob/master/CvIKaDdWcAAtRSa.gif?raw=true)]]
Currently this is a functional prototype, as a plugin -- https://github.com/Shelob9/revisions-browser -- prepared by myself with guidance from @adamsilverstein and contributions from @mrahmadawais + @websupporter + @kadamwhite + @circlecube ",Shelob9,8
30240,Tell if theme is a child theme in wp-admin/network/themes.php,dpik,Networks and Sites,4.0,normal,normal,Future Release,enhancement,assigned,has-patch,2014-11-03T14:32:11Z,2016-10-29T11:37:40Z,"When listing themes in wp-admin/network/themes.php (in network mode), i would find useful to see if a theme is a child theme.",dpik,14
38200,"Store a `comment_type` for all Comments, not just custom comment types",,Comments,,normal,normal,Awaiting Review,enhancement,new,,2016-09-30T20:18:21Z,2016-10-29T11:36:42Z,"Currently the `comment_type` column for the comments table only stores a value (like `trackback` or `pingback`) when an irregular comment object is added. Standard comments are stored with a `comment_type` of `''`.
{{{
#!mysql
SELECT * FROM `wp_comments` WHERE `comment_type` = ' ';
}}}
This isn't very intuitive, and does not follow the expectations set by the `post_type` column in the posts table.
Changing to storing a `comment_type` value for all comments is also pre-requisite for supporting custom comment types (see #35214).
This change will require an upgrade routine as well as some back-compat work.
",rachelbaker,3
32642,Add supports argument to register_taxonomy,,Taxonomy,4.3,normal,normal,Future Release,enhancement,new,dev-feedback,2015-06-14T12:09:41Z,2016-10-29T11:36:26Z,"This patch adds the `supports` argument to `register_taxonomy()`. It allows custom taxonomies to opt out of having the slug and description fields.
I've had custom private taxonomies where the only field which would be set is ""Name"", so an enhancement like this would allow taxonomies be more lightweight for clients.",paulwilde,7
16001,Invited but not activated users can get lost,,Users,3.0,normal,normal,Future Release,defect (bug),new,,2010-12-27T22:37:15Z,2016-10-28T18:03:08Z,"Steps to reproduce:
* In ''Site Admin'', go to Users > Add New
* Add a new user
* You get a message to the effect of, said user needs to respond to an invitation.
Now the user has disappeared. There's no way for a super admin or anybody to search for that user and add her directly, or delete her, or anything like that. If the user doesn't get the email, she's out of luck: that username and email are now reserved for ""a couple of days.""",filosofo,29
38508,wp_insert_term and [term_taxonomy_id] => 0 ),,Taxonomy,4.6.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-10-26T09:04:39Z,2016-10-28T16:47:40Z,"Hello,
I use WordPress version: 4.6.1 and WooCommerce version 2.6.6 with XAMPP/WIN7.
I want to import categories from osCommerce and i have some categories with [term_taxonomy_id] => 0 and no record in wp_term_taxonomy after wp_insert_term.
I think this is a bug. If no record in wp_term_taxonomy is created a error should come.
{{{
$parent_term = term_exists($line[""parent_categories_name""], 'product_cat');
wp_insert_term(
$line[""categories_name""],
'product_cat',
array(
'description'=> $line[""categories_description""],
'slug' => $line[""categories_slug""],
'parent'=> $parent_term['term_id']
)
);
}}}",staticweb,2
31401,wp-cron.php header comments confused or confusing,,Cron API,2.6,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2015-02-20T23:34:41Z,2016-10-28T16:24:01Z,"The header for wp-cron.php says:
{{{
WordPress Cron Implementation for hosts, which do not offer CRON or for which
the user has not set up a CRON job pointing to this file.
}}}
That's nonsensical, I think. It should say:
{{{
WordPress cron implementation to be called directly (e.g. via wget or curl)
for sites which do not get enough visitors to properly trigger wp_cron in
wp-includes/wp_cron.php
}}}
",gbell12,7
38548,Add new filters on wp_script_is/wp_style_is,,Script Loader,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-28T13:41:52Z,2016-10-28T13:41:52Z,"Minification engines tend to group dependencies and then enqueue them in a single file so enqueues handles change their names. So imagine this situation:
Handles `style-1` and `style-2` are now grouped into a file and the new handle name is `group-1`
Once grouping is done `wp_style_is('style-1', 'done')` won't work as style-1 and 2 are now inside `group-1` so `wp_style_is('group-1', 'done')` would work but this is just known by the plugin that minifies the styles/scripts. I don't know if the point is clear enough.
By adding a new filter this would help a lot to remap those handles names. The filter can be placed easily in `WP_Dependencies::query()` method like this:
{{{#!php
registered[ $handle ] ) ) {
$query = $this->registered[ $handle ];
}
break;
case 'enqueued' :
case 'queue' :
if ( in_array( $handle, $this->queue ) ) {
$query = true;
}
else {
$query = $this->recurse_deps( $this->queue, $handle );
}
break;
case 'to_do' :
case 'to_print': // back compat
$query = in_array( $handle, $this->to_do );
break;
case 'done' :
case 'printed': // back compat
$query = in_array( $handle, $this->done );
break;
}
return apply_filters( 'script_is_query', $query, $handle, $list, $this );
}
}}}
Any thoughts?
",igmoweb,
38537,Swap out md5 for base32 in feed ETag generation,,Feeds,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-27T22:55:29Z,2016-10-28T00:45:24Z,"All feed ETags are currently a MD5 of the last modified timestamp. This ETag is non-reversible, meaning the ETag is entirely useless as anything but a unique identifier.
Swapping this for a base32 of the same timestamp means the ETag can be reversed back to a timestamp (if needed for plugins or whatever). Mean processing time to generate a feed with 10 entries drops by 10–15 ms on a fast PC and 15–30 on a slow VPS with this base32 patch versus the current md5 solution.
The ETag length drops from 32 to 7–9 characters so the response and subsequent validation requests are made slightly smaller as well.
Potential problems: Every client that has stored a ETag in their cache will get one cache-miss when WordPress is updated. Considering that every subsequent request will be faster, I find that totally acceptable.",geekysoft,1
38536,Hook/Function to Set Content-Security-Policy,,Security,4.7,normal,normal,Awaiting Review,feature request,new,,2016-10-27T20:51:06Z,2016-10-27T21:14:23Z,"I would like to see a function to set the Content-Security-Policy header. I believe it should be in core so plugins and themes can hook into to set the whitelist domains/urls. By having it in core would allow the function to prevent duplicates. Maybe default to using any script enqueued on page load?
Further Reading:
https://scotthelme.co.uk/content-security-policy-an-introduction/
https://securityheaders.io
",bhubbard,1
38530,"Uploading a 512x512 site icon creates a ""cropped"" duplicate in media library",,Customize,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-27T17:07:30Z,2016-10-27T20:18:39Z,"To reproduce:
1. Install latest stable WP (4.6.1 currently) using Twenty Sixteen theme. No plugins.
2. Find an image that's exactly 512x512 pixels.
3. In the Customizer, go to Site Identity and click Select Image in the Site Icon section.
4. Upload the 512x512 image you prepared in Step 2.
5. Your site icon is uploaded. Click Save and Publish.
6. Look in your Media Library.
Expectation: one image present, which should be the image you just uploaded at the recommended size.
Reality: your original image is there, but there's also a duplicate prepended with ""cropped-"".
IMAGE1
I don't understand why an image that's already 512x512 needs to be cropped. The resulting images are exactly the same dimensions and filesize.
Here's what it looks like in the uploads directory:
IMAGE2
At first glance, I thought this was a recurrence of this ticket:
https://core.trac.wordpress.org/ticket/33011
... but the filenames aren't quite the same, so I suspect it's a new bug.",adamkheckler,1
31436,Handle conflicts in concurrent Customizer sessions,lgedeon,Customize,3.4,normal,normal,Future Release,enhancement,assigned,,2015-02-24T19:42:44Z,2016-10-27T17:10:54Z,"If two users open the Customizer at the same time and modify the same settings, the user who saves their changes last will win out, and the person who saves first will have their changes lost. (The frequency of the problem was reduced in #29983 since now only dirty settings now get POSTed.) The Customizer needs Heartbeat integration to add the “Post Locking” functionality. We don't need to lock the entire Customizer, however, from concurrent users: we need to add locking for individual settings in the Customizer. When a setting becomes dirty, we need to broadcast via Heartbeat to other users that the setting has been changed and thus any controls for this setting should be marked as ""locked"", with any changes prevented. This will become increasingly important as more and more settings are added to the Customizer and users go there more often to make changes.
The locking UI could provide a button to copy the other user's change into the other Customizer session, and this could result in the control being editable again, with subsequent changes pushed out to other users as well, who would then also get the corresponding setting automatically updated if it was dirty, but if it was not dirty then it would remain in its clean state but with a locking notification added.
This also should apply when a setting is modified by some means other than the Customizer: if someone is in the Customizer and another user changes a setting via an admin page or via XML-RPC or REST API, then this setting update should also be illustrated in the Customizer to note that the settings are stale and should be refreshed. This refresh could be done inline, without having to reload the entire page.
For the issue of conflicting auto-incremented widget IDs across user sessions, see #32183.
For the previously-reported issue specific for handling conflicts between editing widgets on the widget admin page, see #12722.
For the introduction of concurrency locking for options pages (settings API), see #32202.
Some enhancements for a feature plugin: The Customizer UI would benefit from having a list of users currently in the Customizer appearing somewhere, with a list of the changes each user has made. If someone left their Customizer session open, this list would also allow an administrator to sign the user out, using something like the [https://wordpress.org/plugins/user-session-control/ User Session Control] plugin; or the Customizer UI could provide a way to boot a user from the Customizer.
For use of Heartbeat to keep nonces fresh, see #31897.",westonruter,12
31245,Replace alloptions with a key cache,rmccue,"Options, Meta APIs",,normal,normal,Future Release,enhancement,assigned,has-patch,2015-02-06T05:39:47Z,2016-10-27T15:57:03Z,"Let's talk about `alloptions`. `alloptions` is a particularly fragile piece of WordPress, since it's exceptionally vulnerable to accidental concurrency issues due to its design.
A primer on `alloptions`, for those who haven't dug into it: `alloptions` is a cache key that stores all the options marked with autoload, thereby reducing the number of external calls out to an object cache from hundreds down to 1. It does this by running `SELECT * FROM wp_options WHERE autoload = 'yes'`, then storing that array (map of `option_name => option_value`) under the `alloptions` cache key. (Non-autoloaded options are stored as individual cache items instead, with a key of `option_name` in the `options` group.)
When you add an option, you can pick the `autoload` flag. This flag is `'yes'` (`true`) '''by default''', meaning most calls to `add_option` will set options to autoload. Additionally, if you add an option via `update_option`, there's no way to set this flag. These combined mean that the vast majority of options are stored in the `alloptions` cache.
== Why is this an issue? ==
The `alloptions` cache is loaded very early in the WordPress request lifetime. From this moment until the end of a request, option reads are taken from this cache rather than the database.
In addition, every time an autoloaded option is updated or deleted, `alloptions` is similarly updated. However, this means that on '''any''' autoloaded option being updated, '''every''' autoloaded option has its value set to the value at load time.
This is a huge concurrency bug, as it's very easy to run into accidentally. As a proof of concept, try updating two different options in two different requests at the same time, and you'll see that whichever ran first will lose the changes. (See #25623)
(We're running into this issue a few times a week, due to certain plugins running an `update_option` on a high percentage of requests. These plugins are obviously being dumb in doing so, but they're revealing the core bug quite nicely.)
== How do we fix this? ==
The biggest issue is that `alloptions` is a single cache item containing every option. If we reduce this to one cache item per option, the concurrency problem is then reduced to individual options (and can be mitigated in the places it actually matters, typically in plugins). Rather than storing all the options, we can instead cache the keys that matter, then grab the values for all of those at once.
This means that we may still have minor concurrency issues when adding and removing options, however these happen much less often than updating existing ones. In addition, the cache would now only be used to decide which options to load at the start of the request, so worst case scenario, you end up with extra object cache `get` calls. This is much better than the current case, where a concurrency problem can return incorrect data.
This change would require adding a `wp_cache_get_multi` to take full advantage of the cache, however compatibility could be shimmed here with a loop and individual calls to `wp_cache_get`. This '''would''' cause worse performance for object caches that don't support multi-get (or haven't been updated), but at the benefit of no longer returning potentially bad data.
There's a few things that need to be done for this:
* Add `wp_cache_multi_get`, and talk to object cache maintainers to update the popular ones to support it (Memcache, APC)
* Change `wp_load_alloptions` to pull from `alloptionskeys`, then run a multi-get on those
* Ensure `alloptionskeys` is a protected option name
* Store value caches per-key",rmccue,39
38507,Quick Edit: Parent label without input when editing page,,"Posts, Post Types",,normal,normal,Future Release,defect (bug),new,has-patch,2016-10-26T07:53:42Z,2016-10-27T06:51:18Z,"Noticed while working on #18375.
To reproduce:
1. Delete all pages
2. Create a new page, save as Draft
3. Click Quick Edit or Bulk Edit
4. Notice a 'Parent' label without any dropdown
It might make sense to always use 'show_option_none' in `wp_dropdown_pages()`, even when there are no pages. However, that might lead to data loss when a parent ID is set but the page does not exist anymore. Instead, the 'Parent' label could be hidden.
Screenshot:
[[Image(https://cldup.com/tUquX3xYvS.png)]]
",swissspidy,2
38211,Interference of AJAX search with input field auto-complete,,Plugins,4.6,normal,normal,Future Release,defect (bug),new,has-patch,2016-10-02T12:09:55Z,2016-10-26T23:08:23Z,"In WordPress 4.6 new feature was introduced in ""Add Plugin"" page - user input in ""Search Plugin"" field triggers AJAX search. That's great but it also makes browser's auto-complete of this field to disappear (at least in Chrome).
Therefore it's difficult to select an already existing option of plugin name that browser's auto-complete offers because AJAX search gets triggered very soon after you type a letter in input field.
So, in most cases I need to type full name of the plugin or try to select auto-complete option before AJAX gets triggered.
I'm not sure what the solution for this would be but I don't think it's difficult to press Enter or tap Search button after you have written everything you wanted without system interfering with the process without user wanting it.
In addition, the fact that button Search disappeared some time ago made it impossible to add a plugin on touch devices. I see that AJAX search perhaps tries to fix this but it breaks auto-complete as I mention above.",armandsdz,7
37964,Allow customizer controls to be encapsulated by accepting pre-instantiated settings,westonruter*,Customize,3.4,normal,normal,Future Release,enhancement,accepted,needs-unit-tests,2016-09-07T06:31:49Z,2016-10-26T20:31:50Z,"In #35926 the ability to add setting-less controls was made possible. The work here only went halfway, however. Consider wanting to re-use a control in a standalone context (see #29071), where the settings used in the control are just plain `wp.customize.Value` instances. Controls should allow pre-instantiated `Value` (`Setting`) objects to be passed in as `params.settings`. And when this is done, there would be no `api( settingId... )` deferrals.
So one should be able to create a new control like this:
{{{#!js
var control = new wp.customize.Control( 'product_color', {
type: 'color',
params: {
settings: {
'default': new wp.customize.Value( '#000000' )
}
}
} );
}}}
Instead of having to do:
{{{#!js
wp.customize.create( 'product_color', 'product_color', '#000000', {} );
control = new wp.customize.Control( 'product_color', {
type: 'color',
params: {
settings: {
'default': 'product_color'
}
}
} );
}}}
The goal is to allow controls to be encapsulated and to be able to use them in standalone contexts or embedded inside of other controls.
Related:
* #30738
* #37275
* #29071",westonruter,16
38068,Add filters to wp_new_user_notification and wp_password_change_notification,,Users,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-09-15T13:46:22Z,2016-10-26T20:28:39Z,"There is a filters (retrieve_password_title and retrieve_password_message) to set retrieve password message in wp-login but not for wp_new_user_notification and wp_password_change_notification in pluggable.php this patch adds them
the new filters are
wp_password_change_notification_subject
wp_password_change_notification_message
wp_password_change_notification_headers
wp_new_user_notification_admin_message
wp_new_user_notification_admin_subject
wp_new_user_notification_admin_headers
wp_new_user_notification_message
wp_new_user_notification_subject
wp_new_user_notification_headers",pbearne,9
38520,Add @return docs for interleave_changed_lines() (and prevent bad parsing),,General,,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-10-26T18:50:09Z,2016-10-26T18:50:09Z,"For `interleave_changed_lines()` in `WP_Text_Diff_Renderer_Table`, the return value is documented rather sparsely and poorly in the description and not documented in `@return` except as being an array. (In fact, it is slightly better documented in a comment preceding its sole invocation, in `_changed()`.)
This existing documentation utilizes a glob-style notation that fails to accurately indicate the exact return value array elements to be expected. Additionally, this unnecessary notation gets misinterpreted as Markdown by WP-Parser, resulting in a mangled description for the function in developer.wordpress.org (appearing as partially italicized text and a stray text in a code block).
See: https://developer.wordpress.org/reference/classes/wp_text_diff_renderer_table/interleave_changed_lines/
(or for posterity: [attachment:38520.bad-parsing.png])
Attached is a patch ([attachment:38520.diff]) to add documentation of the proper syntax and with better docs themselves.",coffee2code,
38517,Remove references to 'articles' instead of 'posts',,General,,normal,normal,Future Release,enhancement,new,dev-feedback,2016-10-26T17:51:29Z,2016-10-26T18:33:34Z,"On the `Settings -> Discussion` screen, posts are referred to as ""articles"". The reason for this phrasing is to avoid ""post"" being used as a verb and a noun within the same sentence:
`Allow people to post comments on new articles`
Ref: https://core.trac.wordpress.org/ticket/22961#comment:9
This problem can be avoided by referring to submitting comments instead of posting comments:
`Allow people to submit comments on new posts`
There are a few related places where the phrase ""article"" is used instead of posts. These should all be replaced with ""posts"" for consistency.",johnbillion,1
23348,"Add a ""Contribute"" tab to the about page",,Help/About,3.5,normal,normal,Future Release,enhancement,reopened,has-patch,2013-01-31T22:22:19Z,2016-10-26T17:43:54Z,"The path to find out how to contribute is several levels deep in WordPress itself. Right now, you have to click on the W icon, then About WordPress, then the Credits tab, and then scroll down to the bottom of that page to see a micro link in the footer: Want to see your name in lights on this page? Get involved in WordPress.
Also, only Core Contributors are on this list so it gives a false promise of being listed on this page if you contribute which is not the case.
We discussed adding a link in #wordpress-sfd and everyone thought this would be a good idea so that more people could find out how to get started in contribution.
I am new to creating tickets so please let me know if there is any other information you need!",mt_suzette,17
23870,Filter Glyph for Comment Required Fields,SergeyBiryukov,Comments,3.5,normal,normal,Future Release,enhancement,assigned,has-patch,2013-03-27T16:57:51Z,2016-10-26T14:34:31Z,"Currently the `comment-template.php` file uses an asterisk (*) as the default glyph for required fields used in the `comment_form()` function. This glyph is not easily manipulated without having to essentially over-write the entire `comment_form()` function.
I suggest the glyph be filtered. Therefore if one wants to change it, for example, to a hash (#) symbol then they can simply filter the output; or, if for any other reason one might want to enhance the glyph visibility or utility the filter would then allow for this while minimizing the impact on the default comment form.",cais,24
38509,"Wordpress 4.6.1 bug - updating posts in visual mode, corrupts them",,Editor,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-26T10:24:05Z,2016-10-26T10:42:57Z,"Hi, this is related to ticket https://core.trac.wordpress.org/ticket/38269
and we have a clearer knowledge of what is happening. It is very simple: straight after the 4.6.1 update, if we update (save) posts while in visual mode, wordpress messes up the HTML formatting, visually splitting the post and pushes all links to the bottom. This took us many hours to fix. From then on we only save in text mode, and this works. But how can we solve this problem? we are using Designwall Focus Theme 1.08. Even if the theme or one of our plugins is causing this problem, its clearly due to a conflict with the 4.6.1 update. (never had this problem before and we didn't add any plugins during the update).
How can we diagnose this... thanks
",rsspanic,1
38424,Custom form taxonomy field doesn't clear after added...,,Taxonomy,4.7,normal,normal,Future Release,defect (bug),new,dev-feedback,2016-10-20T21:41:06Z,2016-10-26T08:41:18Z,"Hi,
I was adding a new taxonomy field via the action {$taxonomy}_add_form_fields.
Anyway if the input type is 'url', after added the new taxonomy the form field doesn't clear itself, and in the url field will remain the inserted value.
This doesn't happen if the input type = text.
Thanks.",SGr33n,3
38500,Automatically cancel pending Travis builds with each commit,,Build/Test Tools,,normal,normal,Awaiting Review,task (blessed),new,,2016-10-25T23:12:44Z,2016-10-26T06:21:10Z,"This might be a meta ticket or it might be a @jorbin ticket.
When many commits land in core within a short (or not so short) period of time, a backlog of [https://travis-ci.org/aaronjorbin/develop.wordpress/builds pending builds] can build up on Travis, which means committers have to wait longer and longer to see the result of their commit. Sometimes interim builds are manually cancelled by users that have been given access by @jorbin.
Ideally, any ''pending'' builds (builds that have yet to start) would be automatically cancelled when each new build gets triggered by a commit. That way, when a build completes, all interim builds will be skipped and the most recent build will begin.
This works well for the WordPress project because we only have a single branch and don't need to worry about builds for other branches.
Travis has [https://docs.travis-ci.com/api an API] that could be used to cancel pending builds when each new build arrives.
Thoughts?",johnbillion,2
38498,Database errors during installation with an existing wp-config.php file,,Upgrade/Install,,normal,normal,Awaiting Review,defect (bug),new,,2016-10-25T22:45:48Z,2016-10-25T23:42:09Z,See attached screenshot.,ocean90,1
23328,While editing widgets in accessibility mode the position can be indicated by widget titles instead of numbers,afercia,Widgets,,normal,normal,Future Release,enhancement,assigned,has-patch,2013-01-30T18:32:33Z,2016-10-25T18:59:27Z,"Guess it title says it all. Right now you need to figure out the position you want the widget to be at and try remember it while editing the widget.
I suggest to change the text text of the position column header from ""position"" to ""position after"" and use labels in the drop down
1 => ""top""
2 => top widget title
3 => second widget title[[BR]]
etc",mark-k,21
19879,Better caching for get_dirsize,,Filesystem API,3.3.1,normal,normal,Future Release,enhancement,new,needs-unit-tests,2012-01-23T15:42:59Z,2016-10-25T16:15:36Z,"In a multisite install, when trying to determine whether a site has exceeded its storage quota, WordPress will scan through a blog's upload directory and sum up the file sizes, by running {{{filesize}}} against each one. With a large number of files, this can significantly slow down the upload process or certain portions of the Dashboard.
{{{get_dirsize}}} has transient caching in place but this is a single cache entry for all folders. It might be better if WordPress has a separate cache entry for each folder and was invalidated based on context so that get_dirsize does not need to be run constantly on older, unchanged directories as frequently.",batmoo,13
38487,the_archive_description() doesn't output the custom post type description when used in a post type archive template,,"Posts, Post Types",4.6.1,normal,normal,Awaiting Review,enhancement,new,,2016-10-25T16:10:54Z,2016-10-25T16:11:36Z,"When registering a custom post type using {{{register_post_type()}}}, we can provide a CPT description using the {{{description}}} param.
If {{{the_archive_description()}}} is used in a custom post type archive template, the CPT description doesn't get outputted.",henry.wright,1
37667,Handle post type support in `WP_Post_Type`,,"Posts, Post Types",4.6,normal,normal,Future Release,enhancement,new,dev-feedback,2016-08-15T11:29:21Z,2016-10-25T16:03:05Z,"Currently post type features are stored in a global variable `$_wp_post_type_features`. Now that we have `WP_Post_Type`, I think it would make sense to let the class handle this functionality. Post type features are part of a post type, so they should also be part of it in the implementation. This would also allow us to get rid of the global variable we currently use (note that it's private, so it's not intended to be used directly by other developers).
There's a single possible caveat I would see with this implementation: That would be if post type support is added before the post type is even registered. However, I would think we might be able to change this (with a dev note) since it should be best practices to add post type support either directly (via the `supports` argument in `register_post_type()`) or after registering the post type. Adding a post type feature without the post type being registered is not logical in my opinion.",flixos90,6
38224,Not enough results in menu-page-add-search,,Menus,4.6.1,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2016-10-04T09:42:08Z,2016-10-25T14:12:35Z,"While editing menu, trying to add a page, searching for the page ""research"" in a database with hundreds! of pages with this word in it, looking for that ONE page with just 'research' as title, the page is not listed
admin/includes/nav-menu.php, _wp_ajax_menu_quick_search with type=quick-search-posttype-page the WP_Query lists posts_per_page = 10, but the search does NOT provide a paginator.
I call this a bug because it is not working as intended; I assume you intended that the search would allow a page to be found, so the bug would be ""pagination is missing""
I have hard-coded a -1 to avoid the issue for now
possible solutions are:
- add pagination
- add a filter on the arguments so we can set a different page-size without altering the code
",clearsite,2
38228,Add filter to default gallery shortcode output,,Gallery,4.7,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-10-04T18:27:54Z,2016-10-25T14:12:02Z,"Right now the only way to alter the default gallery shortcode output is to use the ""post_gallery"" shortcode which effectively requires the developer to rewrite the entire shortcode.
There is a lot of redundancy in here since in most cases, we do not want to alter the retrieval of gallery items.
By adding a simple filter at the end of the gallery, we can save a lot of code as well as not effect anyone currently using the post_gallery filter. See my proposed patch.",tristangemus,2
32202,Add support for options page locking (settings API concurrency),,"Options, Meta APIs",3.6,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2015-04-30T01:18:48Z,2016-10-25T10:55:28Z,"If two users access an options page at the same time, the user who saves last will have their settings stick, while the user who saves first will have their settings lost. This is because options pages lack any access concurrency checking.
In #31436 we propose to handle conflicts in concurrent Customizer sessions by adding locking to individual controls so that users can't override each others' values. The same functionality is needed for options pages generated generated via the Settings API. At the most basic level, locking could be implemented to block a user from accessing an options page if someone else is already there, presenting the user with the same takeover screen as shown for post locking.
A more sophisticated approach would be to allow multiple users to edit an options page at once, either by syncing values across the sessions via Heartbeat, or by disabling a field entirely for other users when one user starts editing it. In this way, the disabled field would not be included when the other users submit the form. This may not work in all cases, however.
Another approach, less sophisticated and not using Heartbeat at all, would be to introduce a persistent counter for saves to a given admin page. This would serve as a revision number, and the revision could be included with each settings form. If the submitted form has a setting number that is not the same as what is currently stored, then this would indicate there is a potential conflict and the user could be presented with a screen to resolve any differences.",westonruter,8
34173,Edit locking for term management,,Taxonomy,,normal,normal,Future Release,enhancement,new,,2015-10-06T18:41:30Z,2016-10-25T10:55:24Z,"If you give a WordPress developer term meta, they'll want to add fields to the term edit page.
If there are numerous editable fields on the term edit page, then WordPress should make sure User B's changes don't accidentally override User A's changes.
Related #32202",danielbachhuber,1
38469,wp-includes/widgets.php:1208 Undefined index: wp_inactive_widgets,,General,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-24T09:23:48Z,2016-10-25T08:55:12Z,"Hey!
Multiple persons can reproduce this error in our company.
After I switch themes I'll get notice about widgets.
It happens in wp-includes/widgets.php:1208
I'm using custom wp-content/install.php which doesn't add any widgets because we don't usually use them at all.
This problem gets fixed when I add this snippet in my mu-plugins:
{{{#!php
html tag,azaozz,TinyMCE,,normal,normal,Future Release,enhancement,assigned,has-patch,2016-10-15T01:45:53Z,2016-10-24T21:14:27Z,"In #27159 we're discussing how some buttons in TinyMCE generate non-semantic html. Part of the proposal there is to remove the `underline` button because it inserts non-semantic inline styles in our database entries: ``.
The HTML Mark Element () represents highlighted text, i.e., a run of text marked for reference purpose, due to its relevance in a particular context. There's more information here: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/mark
This new buttons should appear next to strike-through/del (since that grouping affects inline relevance - strong, emphasis, delete, mark).
New icon is needed as well as a patch before we can do some user testing.",hugobaeta,25
35561,function wp_admin_canonical_url() not using configured site url when constructing canonical url link tag,,Administration,4.4.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-01-21T16:00:36Z,2016-10-24T20:59:15Z,"I was having an issue with the wp_admin_canonical_url() function in wp-admin/includes/misc.php and I have a suggested fix
I am running word press behind a reverse nginx proxy on a different box so my main site is at http://www.rammount.com and the blog is at http://www.rammount.com/blog
The blog url is set in the WordPress configuration. But when you log into the admin section the wp_admin_canonical_url() function does not pick up the configured url instead it constructs the url without the /blog. This of course breaks links in the admin section, constantly redirecting things to http://www.rammount.com without the /blog
by changing the following line:
`$current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );`
to:
`$current_url = set_url_scheme(home_url(add_query_arg(array(),$wp->request)) . $_SERVER['REQUEST_URI']);`
the problem is solved. the proper url is created and as such the links in the admin section that use the canonical url link function correctly.
Hoping to have this change evaluated for inclusion, so that I don't have to remake this edit every time one of my designers updates the WordPress installation?",ilude,5
35774,WordPress admin structure,SergeyBiryukov,Administration,,normal,normal,Future Release,enhancement,assigned,has-patch,2016-02-08T13:29:06Z,2016-10-24T20:43:28Z,"Currently the admin titles has a wired structure. Few examples:
* **Dashboard ‹ Site Name — WordPress**
* **Posts ‹ Site Name — WordPress**
* **Writing Settings ‹ Site Name — WordPress**
Same structure applies for plugin setting pages.
* `page-title ‹ site-name — WordPress`
The problem with this structure:
* Why are we using `‹` character? why not `›`.
* We should add RTL support for the separator.
* The `Site Name` and the `WordPress`, they look like bad combination.
Few suggestions:
* We need to replace the `‹` character with `›`.
* We can add RTL support. See ticket #35737 and changeset [36487].
* And we need to think about the combination of `WordPress` and `Site Name`.",ramiy,17
33085,Customizer: controls description inside labels are not real labels nor descriptions,,Customize,4.2,normal,normal,Future Release,defect (bug),reviewing,,2015-07-22T22:45:01Z,2016-10-24T17:56:47Z,"Splitting this out from #32493 (which changed its scope)
I'd propose to investigate about the Customizer controls descriptions. Currently, they're inside the label element. The result is they're not a proper form label, since labels should be short. Longer descriptions should be associated with form controls using `aria-describedby`.
As consequence for accessibility: as soon as a form control is focused, its label gets read out. In the following example from the new ""Site Icon"" functionality in 4.3, all the text highlighted in the blue box will be read out but the actual button text ""Select File"" won't. [http://www.w3.org/TR/html5/forms.html#category-label Buttons can have labels], that's correct HTML, but of course the label text will override the button text.
Not to mention all the label text is clickable and will activate the button when clicked.
[[Image(https://cldup.com/YrBf73CbMo.png)]]
Same for input fields, the control description used as label will be read out as... a label.
[[Image(https://cldup.com/cgetk_WbNT.png)]]
Related: #31540",afercia,24
28536,Add browser history and deep linking for navigation in Customizer preview,,Customize,3.4,normal,normal,Future Release,enhancement,reviewing,has-patch,2014-06-14T08:30:58Z,2016-10-24T17:45:06Z,"The Theme Customizer allows you to click links within the preview to navigate to other URLs to customize. Navigation within the preview is especially important now with the Widget Customizer, since many templates display render widget areas, and you may have to navigate to another URL in the preview to edit that template's widget areas.
When you navigate, however, the URL in the parent window does not update to reflect the URL inside of the preview. If the Customizer was first invoked from http://example.org/test-page/ then the URL in the Customizer will remain http://example.org/wp-admin/customize.php?url=http%3A%2F%2Fexample.org%2Ftest-page%2F no matter how much navigation is done in the preview. This makes it difficult to deep-link in the Customizer preview.
Additionally, you cannot currently use the browser's back button to return to the previously URL previewed in the Customizer.
To address the above usability problems, the Customizer should implement `history.pushState` and the `popstate` event. Some support for these were added when invoking the Customizer from for a theme preview, but it was only implemented to add support for exiting out of the Customizer via the back button. See [20488] for #20337.",westonruter,41
37331,New site form has non-required fields that have to be filled in,rianrietveld,Networks and Sites,,normal,normal,Future Release,defect (bug),assigned,has-patch,2016-07-11T21:58:53Z,2016-10-24T17:40:37Z,"In multi-site's New Site form, there are several fields that are not required to submit the form (required and aria-required attributes are not set) but the form will fail server-side validation if these fields, such as admin email are not filled in.
The form really should have client-side and server-side validation for UX and accessibility reasons.",Shelob9,17
34189,Add warning about changing $table_prefix for existing database,,Bootstrap/Load,4.4,normal,normal,Awaiting Review,enhancement,new,has-patch,2015-10-07T10:50:06Z,2016-10-24T16:56:47Z,"When changing the $table_prefix for an existing database, it is not sufficient to rename the tables. You also have to change several values in at least two tables. In my case, changing prefix from ""wp_"" to ""bbj_wp_"" this involved at least the following SQL:
UPDATE bbj_wp_options
SET option_name = 'bbj_wp_user_roles'
WHERE option_name = 'wp_user_roles';
UPDATE bbj_wp_usermeta
SET meta_key = 'bbj_wp_user_level'
WHERE meta_key = 'wp_user_level';
UPDATE bbj_wp_usermeta
SET meta_key = 'bbj_wp_capabilities'
WHERE meta_key = 'wp_capabilities';
The attached patch adds a warning to the generated wp-config.php file about this. There is much room for improvement here, including giving detailed information on what needs to be changed or even re-writingthe particular misfeature that stores tables names in other tables. The patch is intended as a stop-gap 'til such improvements are made. Hopefully this will prevent others from chasing down the same wildly unexpected behavior should they decide to change $table_prefix
",bjerke-johannessen,8
38473,Additional hook for users list table navigation area,,Users,4.7,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-10-24T16:08:42Z,2016-10-24T16:30:04Z,"A similar situation has been already discussed for {{{class-wp-posts-list-table.php}}} and {{{manage_posts_extra_tablenav}}} action, here: https://core.trac.wordpress.org/ticket/30341#no0.
The {{{extra_tablenav()}}} function in {{{class-wp-users-list-table.php}}} provides a hook for adding extra filtering options ({{{restrict_manage_users}}}), but there's no way to add extra markup (links, buttons, additional help text, etc.) after the 'Filter' button. I propose adding an additional hook to allow additional markup to be added here.
Adding a hook here may only have fringe use cases, but I don't see a reason not to include it as it won't affect any existing functionality and will make the post and page list tables just a little bit more extensible.",antonioeatgoat,
38470,A way to edit depth of WP_Theme::get_files() ?,,Themes,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-24T12:09:42Z,2016-10-24T12:09:42Z,"Hi!
Task: To show all text-based files inside Wordpress Theme Editor & edit them.
Challenge: Is it possible to change the defaults of WP_Theme::get_files()? I mean type and depth?
Some of you may recommend to install a code editor, but this is not an option.",dmbostan,
35269,Check data type of wp_xmlrpc_server_class filter before instantiate wp_xmlrpc_server_class,,XML-RPC,4.4,normal,normal,Awaiting Review,feature request,new,dev-feedback,2015-12-30T21:32:23Z,2016-10-23T19:41:09Z,"There is a filter 'wp_xmlrpc_server_class' in ./xmlrpc.php for a plugin to entirely replace the standard XML-RPC server implementation.
For some case we want to entirely disable XML-RPC server. So we pass a FALSE value through the wp_xmlrpc_server_class filter. And it causes a Fatal error in xmlrpc.php
To prevent this error we pass a fake class name that contains a blank method serve_request.
But it would better if there is a validity check of the return value of wp_xmlrpc_server_class filter.
If the return value is not a valid class_name then $wp_xmlrpc_server_class will not be instantiated and process will be exit there.
I have a patch for this.
",onetarek,2
38460,New user form on network site has non-required fields that have to be filled in,,Networks and Sites,,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-10-23T15:06:27Z,2016-10-23T16:08:21Z,"Similar to ticket #37331 In multi-site's New User form, there are several fields that are not required to submit the form (required and aria-required attributes are not set) but the form will fail server-side validation if these fields are not filled in.",jackreichert,1
38360,WP does not return attached media,joemcgill,General,4.6.1,normal,normal,Awaiting Review,defect (bug),reviewing,close,2016-10-18T23:23:40Z,2016-10-23T12:51:08Z,"Hi.
I spent few thinking why my function does not work. Then I started debugging SQL queries.
I've got few pictures attached to my post.
I used `get_children(get_the_ID()` and I got nothing.
Similar effect with get_attached_media and get_posts with arguments (like post_parent).
What I noticed?
SQL query from get_children looks like the below:
{{{
SELECT wp_posts.* FROM wp_posts
WHERE 1=1
AND wp_posts.post_parent = 1510
AND wp_posts.post_type IN ('post', 'page', 'attachment', 'teams', 'projects', 'technologies-list')
AND ((wp_posts.post_status = 'publish' OR wp_posts.post_status = 'pending'))
ORDER BY wp_posts.post_date DESC
}}}
I started thinking it could be wrong, because post_status of the images is inherit. I changed the status in DB to publish and it started working.
I thought I figured out where the reason is, but now I'm no longer sure.
I'm sure in the above query `wp_posts.post_status = 'inherit'` is omitted for post_type=attachment.
In `get_posts()` you set `post_status` to `'inherit'` if it is attachment but it seems not to work, even if I pass post_status to the function.
Then the query is built and post_status is checked if it is equal to `'publish'` and it should be checked if it is inherit and if so the status of its parent should be checked.
If you have any question I'm at your service.
Kind regards,
Bernard",blatan,6
38453,New UI for the settings page of the dashboard,,General,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-23T12:00:08Z,2016-10-23T12:00:08Z,"The dashboard settings page is very basic looking - build using simple table markup and has almost zero stylings applied. I would like to suggest a change to this, where new visual elements and better organization is added to the page. Meaning - better separation between different components, description, larger click area/input fields, validation of the input fields and so on.
In short - bring the settings pages to more modern look. It won't add new features to it, so the users won't be required to make choices but instead it will make the general experience of the page better.
I am attaching sample mockup/idea screenshot I had on top of which I can work more based on the feedback and if this is needed in the first place. Any input regarding is welcome.
----
Here is the screenshot:
[[Image(http://i.imgur.com/KQHZiHk.png)]]
The validation is there to show how it can look, not that I focus on this. Honestly, I believe while it would be awesome it's not of very high priority to have it.
Another thing I want to comment about the design - the tabs on top are also only an idea, I can see how they can be a problem instead of a solution, so thoughts regarding this is also welcome. It's there just to show it visually",xavortm,
37586,Menu customizer: search results not properly filtered,,Customize,4.3,normal,normal,Future Release,defect (bug),new,has-patch,2016-08-05T16:36:50Z,2016-10-23T10:18:28Z,"{{{customize_nav_menu_available_item_types}}} is a filter located in {{{class-wp-customize-nav-menus.php}}}.
The purpouse of this filter is to restrict item types available in the Menu Customizer.
This filter should be applied even if I perform a research using the search field in Menu Customizer.
But this does not happens.
While in Menu Customizer, doing a research, in search results shows up even items of specific types excluded with {{{customize_nav_menu_available_item_types}}} filter.
We can resolve this issue using another filter always located in the same class: the {{{customize_nav_menu_searched_items}}} filter.
With this filter we can restrict the selections of items received from the search result just before sending them to the frontend (ajax response).
But this could be considered only a workaround and not a solution, because items should be filtered/excluded by type BEFORE wordpress performs the query to the database.
We should suppose that, if we uses the {{{customize_nav_menu_available_item_types}}} to filter item types available on Menu Customizer, most likely we do not want search for elements of theese item types. ",virgodesign,2
12939,Counterpart to content_save_pre hook not called when getting post content via API,josephscott,XML-RPC,2.9.2,normal,normal,Awaiting Review,defect (bug),reopened,dev-feedback,2010-04-09T13:53:57Z,2016-10-23T10:17:56Z,"When a post is submitted either through the web editor interface or from an API call to newPost or editPost, the content of the post is inevitably passed through the content_save_pre filter.
And when a post is opened for editing in the web editor, the content is passed through filters such as the_editor_content and content_edit_pre.
However, when a post is fetched for editing via XMLRPC API calls such as getPost or getRecentPosts, the content_edit_pre filter is never reached.
This leads to a situation where whatever massaging of the content that a plugin may peform on the way into the database is not reversed on the way back out, for clients of the API. A concrete example of this problem is with the popular Syntax Highlighter Evolved:
http://www.viper007bond.com/wordpress-plugins/syntaxhighlighter/
This plugin performs encoding of the post content before it is stored in the database, and it counts on being able to decode that content by adding filters to hooks such as the_editor_content. However, none of these filters are reached via the API, leading to ""corrupted content"" when users try to edit posts from API clients such as the iPhone WordPress app, or my desktop editor, MarsEdit.
(My previous bug report #10802 exhibits the same symptoms of this bug, but this is a different cause).
In summary:
1. WordPress needs to establish a clear, baseline hooks for massaging content before it is saved to the database, and for un-massaging the content on the way out of the database. Currently there seems to be uncertainty about which hooks need to be overridden and under what circumstances. It seems to me that content_save_pre and content_edit_pre are probably good candidates for this.
2. Whatever hooks are established as the guarantees need to be applied once and only once in both the web-based editing scenario, and in the API editing scenario.
I think that having a well documented pair of hooks for this purpose that works identically in the web editing and API editing cases will do a lot to ensure correct behavior when plugins are installed that massage content, and will make it easy for plugin developers to ""do the right thing"" without relying on hooks that are specific only to the web editor, or to the API.
",redsweater,10
38369,Docs: Incorrect return type for get_comments_number(),,Comments,,normal,normal,Future Release,defect (bug),new,has-patch,2016-10-19T16:31:31Z,2016-10-23T09:55:47Z,"`get_comments_number()` doesn't return an integer. It's a numeric string, [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-post.php?marks=184&rev=38381#L181 for compatibility reasons].",ocean90,1
34889,wp_check_password() and issue with trailing space,,Login and Registration,4.1.1,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2015-12-06T21:57:21Z,2016-10-23T09:52:12Z,"I have users logging in via wp-login.php and then filling out a custom form with the last field entered being their WordPress password.
One specific user can login fine to wp-login.php but when she enters information on the form and her WordPress password, validation fails on wp_check_password().
I realized that her password contains a space at the end.
By creating a brand new user and ensuring it contains a space the bug is evident with the test script I've uploaded.
The version of the production site at the moment is 4.1.1 of where I first saw the bug, but I can reproduce this issue on a brand new WordPress install of 4.3.1 and from the github version currently at 4.5-alpha-35794.
Looks like it's related to but different than ticket
https://core.trac.wordpress.org/ticket/23494",jperlman,3
38443,Replace Em dash with the html entity number format,,Administration,4.7,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-10-22T11:05:36Z,2016-10-22T16:10:15Z,"Also for consistency, see e.g. https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-posts-list-table.php#L1097",SGr33n,2
33240,Introduce a capability for previewing posts,,Role/Capability,,normal,normal,Future Release,enhancement,assigned,needs-unit-tests,2015-08-03T11:36:52Z,2016-10-22T12:45:07Z,"In order to preview an unpublished post (ie. draft or pending), a user needs the `edit_posts` capability for that post type ([https://core.trac.wordpress.org/browser/tags/4.2.3/src/wp-includes/capabilities.php#L1174 src]).
There is a valid use case where a site requires a user role which has the capability to preview unpublished posts but not edit them, for example for editorial review/sign-off, layout review, early access, etc.
You can [http://wordpress.stackexchange.com/a/196209/27051 get around this by using a combination of the posts_results and the_posts filters], but this isn't very future-proof because the post results skip a bunch of logic that occurs between those two filters.
A `preview_post` meta capability and a `preview_posts` primitive capability could be introduced and implemented wherever the `edit_posts` capability is used in regard to previewing unpublished posts. By default, it will simply map to the `edit_posts` capability.
Thoughts?",johnbillion,4
38419,Make beta testing an opt-in feature in core,,General,4.7,normal,normal,Awaiting Review,feature request,new,,2016-10-20T19:27:42Z,2016-10-22T06:37:19Z,"Currently beta testing of WordPress core (and feature plugins) is something you have to be aware of to take part in. This limits the reach of beta testing feedback to those who are intimately engaged in the day-to-day development of WordPress core and results in feedback that skews heavily in the direction of those who build WordPress as opposed to those who use WordPress.
To increase participation in end-user testing of WordPress core and feature plugins, active participation in such programs should be surfaced more visibly, either through settings during install, a modal pop-up, or an alert.
To be clear, I'm not talking about testing of bleeding edge nightlies here, but specific features and feature plugins in Beta or RC state.
A simple admin alert saying ""WordPress 4.7 beta is available. Would you like to test it?"" would be a huge improvement. Similar can be done with select feature plugins, especially if the alert is tied to the feature they change/improve (so for a new media feature, the alert would appear when the media functionality is engaged: ""We are working on a new and improved media panel. Would you like to test it?"").
This would of course have to be done sparingly to avoid alert overload.
== Simplified feedback procedure ==
Along with the surfacing of beta testing, there should be a way to provide feedback on features directly from within WordPress admin. Asking for feedback to be posted in a Trac ticket or even a Make blog post limits the number of possible responses significantly. An in-app feedback feature activated only for testers would greatly simplify the process and most likely increase the volume of feedback data significantly. Whether this data is mapped to Trac tickets or something else needs to be addressed.",mor10,7
38207,Disable Trackbacks by Default Keep Pingbacks On,,Pings/Trackbacks,,low,minor,Awaiting Review,enhancement,new,dev-feedback,2016-10-01T19:21:01Z,2016-10-21T23:41:23Z,"Trackback is a manual technology. Pingback is an automated technology(automatically pings sites linked to in post content).
The question comes from me as the component maintainer and I'm opening this as a place for if the proliferation of Trackback Spam and the manual requirement has made it worth disabling the receipt and/or sending of trackbacks by default while leaving pingbacks enabled.
I continue to be committed to pingback and the concept in general, but I have to ask regarding the interest in trackback. I'm putting out a call for comment in this regard.
The only recent trackback related requests involve expensive queries to send trackbacks(See #36824).
Related #37007.",dshanske,4
38415,New Custom Link menu item has a wrong fallback label,,Menus,4.5,normal,normal,Awaiting Review,defect (bug),new,,2016-10-20T16:29:50Z,2016-10-21T19:43:15Z,"On the menus screen, when adding a Custom Link to a menu '''and leaving the link text field empty''', a default fallback `Menu Item` label was set:
[[Image(https://cldup.com/xaDohbjzS9.png)]]
On the latest versions though, the fallback label is ` (Pending)`, with a leading space:
[[Image(https://cldup.com/zq1ti4qSnq.png)]]
This was broken by [36379] 😬 my bad. Haven't looked in depth in the code but I think it could be fixed on the PHP side, I guess there's no need to restore the JS part that was removed in [36379].
",afercia,2
33740,Create a new API to standardize application tracing,,Bootstrap/Load,4.4,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2015-09-05T13:10:31Z,2016-10-21T18:57:08Z,"Having read #30934 and #28319, I think it's best if I raise a new requirement.
My proposal isn't about logging, it's related to problem determination tracing; the ability to dynamically activate trace logic to help someone to track down a problem.
I have been using my own solution ( a plugin called oik-bwtrace ) for a while now.
There are two dormant APIs that I need to make available at all times, even when tracing is not activated.
Since these functions are currently not available by default I've had to be careful where I use them. To circumvent the problem of trying to use an API which doesn't exist, many of my plugins have dependencies on a base plugin which supplies the dormant APIs.
Life would be a lot simpler if WordPress came with a set of dormant functions which I can rely on to exist.
This proposal is for two trace APIs. It could easily be extended to support logging.
The dormant APIs have the same basic structure
{{{
function dormant_api( easy to use parameters ) {
global $api_set_active;
if ( $api_set_active ) {
lazy_api( easy to use parameters );
}
}
}}}
In this example $api_set_active is just a boolean.
It's set to true when the API logic is activated, false otherwise.
To cater for different levels of tracing ( or logging ) we can either implement the test in the dormant API, or pass it to the lazy_api().
This solution is different from 'pluggable'.
The dormant APIs need to exist, from very early on.
The lazy APIs are provided by implementing plugins and should be implemented as pluggable.
The two APIs I really do need are currently called bw_trace2() and bw_backtrace().
I've attached the latest version of my shared library file that defines these APIs and the constants they use.
Assuming that these APIs will be required to trace WordPress core logic I feel that they need to have been defined early on in wp-settings.php
I therefore propose a new file called dormant.php which can, if the developer so wishes, be included in wp-config.php but would otherwise be loaded in wp-settings.php before load.php.
Note: It's the implementing plugin's responsibility to know when it's safe to do things.
In my implementation of a hook for the 'all' action I've used multiple strategies which involve loading my APIs in wp-config.php before wp-settings.php, using a Must-Use plugin to be able to record most hooks, but requiring a custom db.php to be able to capture everything. I can't do it before db.php since add_action()'s not available until then.
",bobbingwide,5
38434,Un-escaped character in svg-painter.js results in JavaScript errors with some CDN services,,General,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-21T16:49:00Z,2016-10-21T17:59:32Z,"Line 16 of `wp-admin/js/svg-painter.js` has an unescaped `#` symbol that can create errors with some popular CDNs that automatically minify JavaScript on the server. This breaks the ""Generate Password"" functionality in the admin area.
The line checks for SVG support in the browser:
`if(document.implementation.hasFeature('http://www.w3.org/TR/SVG11/feature#Image','1.1') ) { `
In my testing the error appeared on most pages, but the only functionality that was affected was generating new passwords for existing users from their profile pages in the admin area.
Specifically this bug appeared when using [SiteLock's](http://sitelock.com) CDN and minification services. It is a free/common add-on for those hosting with Bluehost. The JavaScript minifier was interpreting the `#` as a comment and commenting out a large chunk of the code after that point, creating the error.
Technically this should be considered a bug with whatever minifier SiteLock is using, as not all minifiers seem to behave this way in my testing. However:
- I don't know what they're using
- The Bluehost+SiteLock combination is popular enough that it seems like this bug could be present for many but unnoticed if they never use the password generator feature.
- The fix is very simple:
`if(document.implementation.hasFeature('http://www.w3.org/TR/SVG11/feature\#Image','1.1') ) { `
This fix results in correctly minified JavaScript and does not break any functionality.
Planning on submitting a patch shortly. Curious if this is considered something that should/could be fixed.
",georgemandis,2
30738,JS content templates for base WP_Customize_Control,westonruter*,Customize,4.1,normal,normal,Future Release,enhancement,accepted,needs-unit-tests,2014-12-17T02:33:15Z,2016-10-21T16:12:38Z,"This will make it possible to create all of the base Customizer control types directly in JS, and will allow them to share a single template passed from the server on Customizer init for all controls with the basic types (following up on #28709).
I think we may need to explore adjusting how register_content_type works since this control handles multiple types and all fallback types. But more likely we'll just do something a bit different, probably adding fallback handling on the other side and hard-coding these types into the Customizer Manager somewhere.
Follow-up to #29572. Related to several tickets I'm currently creating.",celloexpressions,27
34669,Custom back_link in wp_die and provide a filter,,General,4.4,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2015-11-12T17:21:17Z,2016-10-21T15:37:26Z,"At the moment, inside `_default_wp_die_handler` function, the `$args['back_link']` (boolean) set to true allow to show a generic javascript back link: ``.
I know that it's possibile to write own function handler using `wp_die_handler` filter, but accepting a custom back url, and not only a boolean, could be an easy way without rewrite all the function.
In some cases it could be useful, here is an example.
I wrote a plugin that creates custom roles with custom caps. I use the meta cap filter to let user of custom roles to edit users of other roles, but not admin users.
So when an user of custom roles tries to bulk edit/promote/delete admin and not-admin users together, the user gets a wp_die message like: ''You can’t edit that user.''.
When the user goes back with browser, the user will see again the old users page with old (and wrong) info, because the bulk action has edited properly the not-admin users and leave the admins untouch.
I think it could be useful to provide the back url to wp_die message, so you can load the updated version of previous page.
I propose that `$args['back_link']` can accept 3 types of values:
- `false`: no back link shown (as now);
- `true`: show javascript back link shown (as now);
- `{url}`: show passed url.
In this way I can use `wp_die` for custom messages in my plugin pages, like:
`wp_die( 'Error message', '', array( 'back_link' => admin_url('whatever.php') ) );`
Then, it could be useful to have a filter inside `_default_wp_die_handler` function to customise error messages of default dashboard pages.
We could use the arguments (`$message`, `$title`, `$args`) to provide context to the filter, e.g.:
`apply_filters( 'default_wp_die_handler_back_link', $r['back_link'], $title, $args )`
`apply_filters( 'default_wp_die_handler_back_link_'.sanitize_key( $title ), $r['back_link'], $args )`
Or maybe use `wp_get_referer` to add more context.
I hope my explanation has been clear.",eventualo,1
36581,Customizer Header Image Control should extend the cropped image control,,Customize,3.9,normal,normal,Future Release,enhancement,new,,2016-04-18T19:55:06Z,2016-10-21T15:15:49Z,"`WP_Customize_Header_Image_Control` was written (in 3.9) before all of the other customizer media controls were refactored to use the media library (in 4.1) and additional controls were introduced (in 4.2 and 4.3). It uses an almost entirely separate codebase right now, and by merging it back in to use the newer functions, future enhancements can be made in fewer places to apply to more controls, and the cropped-image control will likely benefit with some new reusable features as well. Additionally, this cleanup will simplify the codebase and make it much easier to contribute to and understand the way the headers UI works, and why.
Ideally, we would be able to use `WP_Customize_Cropped_Image_Control` directly for header images by bringing more features that are currently specific to headers to all media controls. However, in practice we may end up needing it to remain a distinct control for various reasons. Regardless, it should extend WP_Customize_Cropped_Image_Control directly and make use of its functions in both PHP and JS where possible. Additionally, it should leverage the core API for JS-templated contols introduced in 4.1.
See #29211, and #32861, which would likely be fixed in the process of implementing this ticket.",celloexpressions,5
38195,Adding more mime_types filter to Media Library,,Media,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-09-29T21:49:35Z,2016-10-21T14:31:11Z,"In https://github.com/WordPress/WordPress/blob/e0a0be9579bf00c673f6fa9c68e87d4546271b37/wp-includes/post.php#L2191-L2206 WordPress is defining some default mime_types for filtering purpose in the media library.
At the moment this is everything starting with image, audio and video.
But there are more mime_types possible:
https://codex.wordpress.org/Function_Reference/get_allowed_mime_types#Default_allowed_mime_types
What about adding these mime_types in the way shown in #30788 ?
I suggest the following groups:
{{{
Documents:
-----------
application/pdf
application/rtf
application/msword
application/onenote
application/wordperfect
application/vnd (should handle MS, LO/OOo and iWorks)
text/plain
text/csv
text/calendar
text/tab-separated-values
text/richtext
}}}
{{{
Web-Documents
--------------
text/css
text/html
application/javascript
application/x-shockwave-flash
application/java
}}}
{{{
Archives:
---------
application/x-tar
application/zip
application/x-gzip
application/rar
application/x-7z-compressed
}}}
{{{
Misc:
------
application/x-msdownload (exe)
}}}
I'm just concerned about a possible performance problem.
See: #31071",zodiac1978,4
38433,Complete test coverage for current_user_can_for_blog(),,Role/Capability,4.3,normal,normal,Future Release,enhancement,new,needs-unit-tests,2016-10-21T14:15:43Z,2016-10-21T14:15:43Z,"In `Tests_User_Capabilities`, all roles and capabilities are tested using `current_user_can()`. They should all be tested using `current_user_can_for_blog()`, too.",johnbillion,
38282,Trackbacks do not return proper XML on double entries and flood,,Pings/Trackbacks,,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-10-11T09:49:18Z,2016-10-21T13:41:20Z,"If an comment is double or part of a comment flood, `wp_new_comment()` tends to `wp_die()`.
With #36901 we can now get a proper `WP_Error` instead and utilize this in ''wp_trackback.php''",websupporter,1
30829,I want to add the list table views in edit-tags.php,,Taxonomy,4.1,normal,normal,Future Release,enhancement,new,has-patch,2014-12-23T14:55:58Z,2016-10-21T13:32:41Z,"I want to add some list table views in edit-tags.php page, but it is not possible without workout ,because in this page on line #326 run only this code {{{display(); ?>}}} but I want to see
{{{views(); ?>}}};[[br]]{{{display(); ?>}}}. In order to add some filters and render views.",llemurya,4
38418,Add telemetry (aka usage data collection) as opt-in feature in core,,General,4.7,normal,normal,Awaiting Review,feature request,new,,2016-10-20T19:14:18Z,2016-10-21T13:19:00Z,"Many discussions around changes, additions, and removal of features in WordPress core run into the same problem: We don't have the necessary data to know how end-users are interacting with the application and its features.
To solve this problem I propose the adoption of an opt-in telemetry feature in WordPress core that collects anonymized data on feature and functionality use. This is in line with what major software providers do, and it is a feature most users will be familiar with.
== Implementation and activation ==
- The opt-in selector for the feature should be surfaced on first install or when the site is updated to the first version of WordPress containing the feature is installed.
- For new installs the opt-in question should appear on the 5-minute install page along with ""Allow search engines to index the site"" or similar.
- For upgrades, the opt-in question should be revealed in a dedicated modal.
- The feature should be disabled by default and the admin can make an active choice to participate.
- The feature should be controllable at any time through a dedicated section under Settings->General
- It is possible the best way to make users feel this feature is not a Trojan horse is to ship it as a plugin that auto-installs on opt-in and auto-uninstalls on opt-out.
== Data collection ==
Some core data should always be collected, including but not limited to:
- Number of themes and plugins installed
- Frequency of use of specific views (Settings, Customizer, etc)
- Current version
- Update status
- Locale (generalized to country)
- Language
- etc
In addition it should be possible to push, custom queries to activated users to test for specific interactions, as an example how many users click the Underline button in TinyMCE. I'm not sure exactly what the best approach here is, but this is one idea: The feature queries a centralized service on a weekly / monthly basis to get instructions on what type of data is currently being collected.
The decision on what data to be collected should be done by committee based on current active tickets that require user data.
== Anonymity and transparency ==
A core requirement for the success of this feature is that data collection must be 100% anonymized. No data collected can be traced back to an individual user. Ideally the feature itself will be built in such a way that even accidental collection of personal data is impossible.
At any time, information about what data is being collected should be available to end-users both on a dedicated page on WordPress.org and through the setting in admin.
All data collected should be made public for scrutiny and use to ensure transparency and enable actual use.
== Practical way forward ==
To prove the viability of this feature I propose a slow incremental deployment: Start with collection of certain uncontroversial datapoints like current language setting, number of themes and plugins, and one UI interaction that needs testing. Once this MVP has proven itself effective, a larger scale testing program can be shipped.",mor10,4
38227,Term Status API,,Taxonomy,,normal,normal,Future Release,task (blessed),new,,2016-10-04T15:52:34Z,2016-10-21T13:13:41Z,"See #37914, #37915, and make/core post (coming in a moment).",boonebgorges,2
38431,-webkit-appearance rule should be removed from the CSS,,General,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-21T12:02:08Z,2016-10-21T12:02:08Z,"The -webkit-appearance rule used in customize-control.css is not supported properly on all browsers and in some cases might make certain layouts impossible. Please see the MDN article about it:
https://developer.mozilla.org/en-US/docs/Web/CSS/-moz-appearance
As mentioned there, even the ""none"" value will have different behavior on different browsers. In my case, it forces the element to wrap to the next line on Chrome, and the only way to go around this is to delete the rule directly in the WordPress CSS.",laurent22777,
38430,Inconsistent return type in `get_active_blog_for_user()`,,Networks and Sites,,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2016-10-21T11:26:36Z,2016-10-21T11:26:36Z,"While writing unit tests for #38355, I discovered that `get_active_blog_for_user()` may possibly return a plain object like those in the array returned by `get_blogs_of_user()`. We should make sure that only `WP_Site` objects are returned.
On the other hand, this issue is not really critical since, as far as I could see, the entire clause starting with `! is_object(...` will never be reached - I might have missed a use-case, but I tried several ""combinations"" of what could happen, but never got to the point where it was executed.",flixos90,
35241,NetworkError in firebug error console,,Customize,4.4,normal,normal,Awaiting Review,defect (bug),reopened,,2015-12-28T07:20:17Z,2016-10-21T08:06:14Z,"Hi,
Just installed WordPress 4.4 on my localhost on a Macbook Pro running MAMP.
It's a vanilla install with Twenty Sixteen Theme activated.
I am using Firefox browser with Firebug addon.
Proceed straight to Appearance -> Customize
When I look into Firebug error console.
I keep seeing an error message that says.
NetworkError: A network error occurred.
Please see screenshot. http://i.imgur.com/CyxCqjq.png
I removed WordPress, dropped the database and start all over again.
And I am still seeing that error message, right after I installed WordPress.
May I know if this is a bug? or a normal occurrence?
If it's normal, do you have any idea why this is happening?
Thank you for your kind attention.
Best Regards,
Denzel",denzel_chia,12
35186,"Put the Customizer ""back"" button next to the ""Close"" button",,Customize,4.4,normal,normal,Future Release,enhancement,new,,2015-12-21T15:44:55Z,2016-10-21T06:36:58Z,"Seems like a pretty small thing. The ""Back"" button that takes you to the top of the Customizer menu scrolls out of view but the ""Close"" button does not. If we put the Back button next to the Close button, it would be slightly less confusing.",DragonFlyEye,24
37384,Text alignment in options-discussion.php,,Administration,4.5.3,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2016-07-17T07:38:56Z,2016-10-21T06:25:24Z,"Labels are not aligned same as other labels.Having different margin due to

}}}
",SPiNNdevs,8
20973,date_i18n() produces invalid output for shorthand formats,,Date/Time,3.4,normal,normal,Awaiting Review,defect (bug),reopened,needs-unit-tests,2012-06-15T13:39:50Z,2016-10-10T21:32:30Z,"date_i18n() function relies on parsing passed format to make adjustments. However shorthand formats are not handled and produce invalid output.
Example:
{{{
var_dump( date_i18n( 'Y-m-d\TH:i:sP', time() ) ); // 2012-06-15T13:34:03+03:00 << ok
var_dump( date_i18n( DATE_W3C, time() ) ); // 2012-06-15T13:34:03+03:00 << ok
var_dump( date_i18n( 'c', time() ) ); // 2012-06-15T13:34:03+00:00 << broken time zone!
}}}
Hook-level fix:
{{{
add_filter( 'date_i18n', 'fix_c_time_format', 10, 3 );
function fix_c_time_format( $date, $format, $timestamp ) {
if ( 'c' == $format )
$date = date_i18n( DATE_W3C, $timestamp );
return $date;
}
}}}
See [http://wordpress.stackexchange.com/q/54700/847 Why time functions show invalid time zone when using 'c' time format?]
Possibly related (can't say for sure from description) #13538",Rarst,31
38278,Only query taxonomies assigned to the post types being queried,,Query,4.7,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-10-10T20:28:53Z,2016-10-10T20:32:01Z,"While working on #31383 (Add `WP_Tax_Query` support to `WP_User_Query`), it was brought up that taxonomy queries do not check to see whether the requested taxonomies are registered to the requested post type.
Opening this ticket to discuss further. Should taxonomies always match the queried `post_type`?
From @boonebgorges on the other ticket:
Here's a way to frame the issue: are we likely to confuse developers if we allow (ie, don't throw errors for) queries like `get_users( ... 'tax_query' => ... 'taxonomy=post_tag' )`? Or `get_posts( ... 'tax_query' => ... 'taxonomy=some_user_taxonomy' )`? Or maybe these queries will just always end up empty? We should think through the possible confusions (or, maybe, lack thereof).
",desrosj,
38275,Single wildcard character in .htaccess requests any page,,Permalinks,,normal,normal,Awaiting Review,defect (bug),new,,2016-10-10T15:09:54Z,2016-10-10T19:17:42Z,"For example, if the site is http://www.mysite.com, requesting http://www.mysite.com/s will redirect to a permalink beginning with 's'. This sends the user to an unexpected page.
This request should redirect to 404 when the page 'http://www.mysite.com/s' doesn't exist.
In the WP installation folder, the following .htaccess rewrite rule causes this problem:
RewriteRule . /index.php [L]",martinthehorrible,2
37727,Allow for customize control notifications to have extensible templates,,Customize,4.6,normal,normal,Future Release,enhancement,assigned,has-patch,2016-08-18T23:27:03Z,2016-10-10T17:58:32Z,"It was [https://wordpress.slack.com/archives/core-customize/p1469851496000101 noted] by @celloexpressions toward the end of 4.6:
> FYI I just noticed an issue with the JS template for control notifications introduced in [37476]. We need to display the raw message rather than escaping it `{{{` instead of `{{` so that html is allowed. Which it should be for links, etc., and it's needed for #34923. I'm making the change in the next patch there and don't think we need to change it for 4.6 but wanted to point it out.
It is useful to embed non-message content into a notification to allow for buttons to action on the notification. However, I don't feel that just allowing the raw `message` to be injected into the notification template is necessarily the best way to go. To me it would seem better if we allowed for `Notification` subclasses that had custom templates to handle the various notification codes differently. Then the server wouldn't have to pass markup back as part of error messages.
Allowing custom templates for notifications would be highly useful for the global notification area in the Customizer (#35210).
See also https://core.trac.wordpress.org/ticket/30738#comment:16",westonruter,7
37335,Standardized API for themes to add info/links to the customizer,,Customize,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-07-12T01:36:09Z,2016-10-10T17:41:14Z,"Currently, the theme review team allows themes to inject custom UI with an upsell link into the customizer, as a compromise provided that there is only one link. This creates several problems, such as providing an inconsistent experience for users when switching to different themes and potential breakage if core markup or UI changes. Since the customizer is API-oriented, there isn't generally a restriction to changing the markup or UI in core because custom things added via the API can still be backwards compatible.
If we can come up with a core UI that theme developers can opt into and probably supply a few parameters to, the experience can be standardized for users, developers can keep their links, and we can better encourage proper customization of the customizer via the API.
Technical implementation will be fairly straightforward - a matter of deciding if it should be something along the lines of `add_theme_support` or a custom section/control type in core that can be added directly. The bigger question is what this UI should look like, what information needs to be able to be provided, and whether it should be on the top level of the customizer or within a section or other nested UI.
See slack discussion: https://wordpress.slack.com/archives/themereview/p1468283558004173.",celloexpressions,15
29462,comment pagination in reverse order should display a full number of the latest comments,,Comments,3.9,normal,normal,Future Release,defect (bug),assigned,,2014-09-02T07:12:47Z,2016-10-10T15:22:08Z,"set the following discussion setting:
break comment into pages with 5 top level comments per page and the last page displayed by default
Comments should be displayed with the newer comments at the top of each page
have a post with 6 comments
only the last comment made is displayed by default instead of the expected 5 last comments.",mark-k,21
35685,Default HTTP schema when adding a custom link,,Menus,,low,minor,Awaiting Review,enhancement,new,has-patch,2016-02-01T06:26:04Z,2016-10-10T14:51:27Z,"When editing menus in Wordpress (nav-menus.php), the ""Custom links"" accordion input box always defaults to http://
I feel this should default to https:// if the WP install is running on SSL.
I can't speak for all, but I mostly use custom links for custom links that are already on my site, and if I'm running SSL, then I need to manually change http:// to https:// each time.
Most sites running SSL will only link to other secure sites and resources too, so this may be another point of confirmation.",isdampe,7
34848,Add support for updating post meta in bulk,chriscct7,"Options, Meta APIs",,normal,normal,Future Release,enhancement,assigned,needs-unit-tests,2015-12-04T19:43:48Z,2016-10-10T13:46:03Z,"A limiting factor in performance of inserting posts into the database is postmeta. I've been running a patch locally which adds functions for adding postmeta in one function call instead of calling add_post_meta multiple times over and over.
add_post_meta creates a single SQL insert query, when adding 20 post metas that is 20 SQL inserts all run separately. This can be greatly improved by combining these into a single SQL insert.
There is a problem where updating meta in bulk would likely be impossible or very painful. At the very least I have not been able to find a way to do this. Deleting I haven't developed a function but I imagine it would be fairly easy.
{{{#!php
/**
* Add metadatas to a post.
*
* @since x.x.x
*
* @param int $post_id Post ID.
* @param string $meta_data Metadata as an key/value pair array
*
* @return bool Was the data inserted
*/
function add_post_metas( $post_id, $meta_data ) {
// Make sure meta is added to the post, not a revision.
if ( $the_post = wp_is_post_revision($post_id) )
$post_id = $the_post;
return add_metadatas('post', $post_id, $meta_data);
}
/**
* Add multiple metadatas for the specified object. Similar to calling add_metadata for each metadata individually,
* and is only applicable for unique meta data. If a meta key already exists for an object it will not be stored.
*
* @since x.x.x
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param string $meta_type Type of object metadata is for (e.g., comment, post, or user)
* @param int $object_id ID of the object metadata is for
* @param array $meta_data Metadata as an key/value pair array
*
* @return bool If the metadata was stored successfully.
*/
function add_metadatas($meta_type, $object_id, $meta_data) {
global $wpdb;
if ( ! $meta_type || ! is_array( $meta_data ) || ! is_numeric( $object_id ) ) {
return false;
}
$object_id = absint( $object_id );
if ( ! $object_id ) {
return false;
}
$table = _get_meta_table( $meta_type );
if ( ! $table ) {
return false;
}
$column = sanitize_key($meta_type . '_id');
/**
* Filter whether to add metadatas of a specific type.
*
* The dynamic portion of the hook, `$meta_type`, refers to the meta
* object type (comment, post, or user). Returning a non-null value
* will effectively short-circuit the function.
*
* @since x.x.x
*
* @param null|bool $check Whether to allow adding metadata for the given type.
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value. Must be serializable if non-scalar.
* @param bool $unique Whether the specified meta key should be unique
* for the object. Optional. Default false.
*/
$check = apply_filters( ""add_{$meta_type}_metadatas"", null, $object_id, $meta_data );
if ( null !== $check )
return $check;
$_meta_data = array();
foreach( $meta_data as $key => $value ) {
if ( 0 == absint( $wpdb->get_var(
$wpdb->prepare( ""SELECT COUNT(*) FROM $table WHERE meta_key = %s AND $column = %d"", $key, $object_id )
) ) ) {
$key = wp_unslash( $key );
$value = wp_unslash( sanitize_meta( $key, $value, $meta_type ) );
$_meta_data[ $key ] = maybe_serialize( $value );
/**
* Fires immediately before meta of a specific type is added.
*
* The dynamic portion of the hook, `$meta_type`, refers to the meta
* object type (comment, post, or user).
*
* @since 3.1.0
*
* @param int $object_id Object ID.
* @param string $meta_key Meta key.
* @param mixed $meta_value Meta value.
*/
do_action( ""add_{$meta_type}_meta"", $object_id, $key, $value );
}
}
$rows = array();
if( ! empty( $_meta_data ) ) {
$sql = ""INSERT INTO {$table} ({$column}, meta_key, meta_value) VALUES "";
$comma = false;
foreach( $_meta_data as $key => $value ) {
if( true == $comma ) {
$sql .= ',';
}
$sql .= ""({$object_id}, '{$key}', '{$value}')"";
$comma = true;
}
}
$result = $wpdb->query( $sql );
if ( ! $result )
return false;
wp_cache_delete($object_id, $meta_type . '_meta');
return true;
}
}}}
",patrickgarman,18
37188,Add New Media button does not give aria feedback,,Media,4.0,normal,normal,Future Release,defect (bug),new,,2016-06-26T14:12:34Z,2016-10-10T11:11:27Z,"Button '''Upload Plugin''' and '''Upload Theme''' both have a role of '''button''' and '''aria-expanded=true''' onclick. The expanded panel then directly under it which is expected behaviour for screen-readers and is semantically logical. (see screen-shot)
On the other hand, the '''Add New''' button on the Media Page is a link without a role of button and there is no aria feedback provided. The expanded panel is then followed by the navigation bar rather than the expanded panel.",mantismamita,5
38216,Plugin details modal tabs,,Administration,4.7,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-10-03T09:16:55Z,2016-10-10T10:48:34Z,"The tabs inside the plugin details modal window are 18px high, which conflicts with the previous padding declaration. See the issue in the attached screenshot.
[[Image(https://i.gyazo.com/6d5f4bf5374021657c090465e0ed8a2f.png)]]",butterflymedia,1
35496,Quick Edit error messages UI improvements,,Quick/Bulk Edit,,normal,normal,Awaiting Review,defect (bug),new,,2016-01-17T17:37:34Z,2016-10-10T10:26:46Z,"When a Quick Edit action fails, an error message is displayed in plain text inside the form. See in the screenshot below, for Posts and Taxonomies.
They could be visually improved a bit. Probably use a `.notice` CSS class and, especially for small screens, be displayed below the form?
[[Image(https://cldup.com/TtyfaDs0XB.png)]]
",afercia,4
38273,HTTPS install is broken,,Upgrade/Install,4.6.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-10-09T22:18:16Z,2016-10-10T09:56:27Z,"HTTPS install results in no admin access.
== ENV ==
OS: CentOS7 (Both reverse proxy and apache server)
Nginx: 1.10.1 (Default package)
Apache: 2.4.6 (Default package)
PHP: 7.1RC3 (remi-php71 repository)
== STEP ==
1. Set up web system so that only HTTPS is used. All HTTP traffic is redirected to HTTPS by nginx reverse proxy, backend web server is apache that only waits HTTP.
(""{{{ add_header Content-Security-Policy upgrade-insecure-requests; }}}"" is needed for nice installation page, but this is minor issue)
2. Add {{{ $_SERVER['HTTPS']='on'; }}} to wp-config.php to avoid redirect loop.
3. Install new wordpress to the server.
4. Login with the new account created.
5. Login succeeds, but the account does not have any admin page permission.
Since the first admin account cannot do anything, system is completely unusable.
=== NOTES ===
Install with HTTP then switching to HTTPS results in the same. i.e. Change site url config to https:// from http://.
This could be 7.1 bug. I don't see any PHP errors in log.
",yohgaki,4
22976,Remove reference to category to tag converter from the tools page,,Import,,normal,normal,Awaiting Review,enhancement,new,,2012-12-17T16:02:00Z,2016-10-10T01:36:12Z,"It has been such a long time since version 2.3, does anybody really need a reminder for the existence of this tool on that relatively high profile page?",mark-k,5
38255,inclusion of javascript script,,Script Loader,4.6.1,normal,normal,Awaiting Review,enhancement,new,close,2016-10-07T20:15:36Z,2016-10-10T01:34:55Z,"When I was working on my themes. I tried to include scripts with Javascript src wp but always include scripts with href.
I find class.wp-scripts.php always add base url to my src.
I think it is not good for two reasons:
1 - it is best to use for local javascript src scripts.
2 - I think it is not good practice to replace data theme because if developer wants src it is not good to add data without informing.
I think both solution can be imagined:
1 - just do not replace the data from themes
2 - allow possibility for developer to choose to add automaticly base_url for javascript. ",nmoral,1
19709,Add 'before_sidebar' and 'after_sidebar' attributes to register_sidebar(),,Widgets,2.2,normal,normal,Awaiting Review,enhancement,reopened,has-patch,2012-01-01T19:30:15Z,2016-10-09T23:52:57Z,"Whilst experimenting with some code recently I needed to have each widget area wrapped inside a container with the widget id as the container CSS class/id.
If used in a theme this widget area container usually has to be hard coded. This is the case for Twenty Ten, and Twenty Eleven.
It occurred to me that it would be very useful to have an extra couple of attributes available in register_sidebar() such as 'before_sidebar' and 'after_sidebar' so that developers have a consistent way to automatically add a wrapper to each widget area.
It would be additionally useful if you could do something like this to add the widget area id as the wrapper CSS class/id as required:
`'before_sidebar' => '

'`
`'after_sidebar' => '

'`
or
`'before_sidebar' => '

'`
`'after_sidebar' => '

'`
If this feature is considered then I'm not sure whether 'before_sidebar' or 'before_widget_area' is a better choice for the attribute name.",dgwyer,8
29932,There is no error reporting in the Customizer (for upload failures),,Customize,3.4,normal,normal,Awaiting Review,enhancement,assigned,reporter-feedback,2014-10-11T20:04:15Z,2016-10-09T21:40:53Z,"As far as I know, there is no way to display an error to the user when he/she is using the theme customizer.
An error that I'm facing some time to time when I test WordPress locally is when `wp-content/uploads` is not writable. Then, uploading a new image to use as a background in the customizer does not work, but this fails silently.
This error reporting should be built-in inside `WP_Customize_Control` class so that any control that extends this class can throws a custom error and displays it to the user.
Depends on #35210.",Fab1en,12
35288,Search Engines Discouraged message improvements,,Administration,,normal,normal,Future Release,defect (bug),new,has-patch,2016-01-02T14:54:11Z,2016-10-09T21:35:38Z,"While working on #35049 was wondering why this text is capitalized. Investigated a bit and realized this message could probably be improved a bit too, especially now that its title attribute is going to be removed.
At the very least, I'd propose to don't use capitalized text and try to style it to make it a bit more evident.
TL;DR
As noted in the ticket that introduced it, users may forget to turn privacy mode off with disastrous consequences in search results. So, as a first step, the message should probably be made a bit more evident. Please consider the ""At a Glance"" widget can display additional things (updates, network storage) and plugins can add their own stuff. See screenshot below:
[[Image(https://cldup.com/uN1C3IyYRl.png)]]
Being in the middle of all that text, the message looks somehow hidden and not so prominent as it should be. WordPress already has CSS classes for this, thinking at notices (maybe `notice-warning` ?). It would be great to have a design proposal from UI people and designers :)
Also, was thinking there's probably no need to use a so short text because the widget provides enough room to use a more meaningful message and link.
As a general rule, text used for links should be self-explanatory, make sense even when read out of context, and should describe the link purpose. Introducing changes here can be a bit tricky since there are filters in place so I'd consider this part optional but also a nice improvement worth considering.
Ideally, there should be some text to indicate the privacy status followed by a meaningful link. Since in the related options page this setting is called ""Search Engine Visibility"" (but it can be ""Site Visibility"" and use radio buttons if the `blog_privacy_selector` action is used. see [21838], the discussion on the related ticket #16416, and [https://irclogs.wordpress.org/chanlog.php?channel=wordpress-dev&day=2012-08-29&sort=asc#m446982 the discussion on IRC]) I'd propose to use something like this:
{{{
Search engines are currently asked not to index your content.[br]
[link]Change search engine visibility settings[/link]
}}}
For reference, here's some history:
introduced in #12211 and initially meant to look like a button because it was close to the ""Visit Site"" button:
[[Image(https://cldup.com/lYrYTBgNEU.png)]]
Since it looked like a button, text was capitalized following WordPress conventions ''and I guess this is the reason why it's still capitalized''. Then it was changed to look like a link and later the original ""Privacy On"" text was changed in ""Search Engines Blocked"". Still capitalized :)
[[Image(https://cldup.com/FDsJzQk_ca.png)]]
Then it went through many other changes:
- visually changed from a button to a link in [13182]
- restricted by capabilities in [13559]
- text changed from ""Privacy On"" to ""Search Engines Blocked"" in [13767]
- filters were introduced in [14237]
- moved from admin-header.php to the 'Right Now' widget in the Dashboard in [17829]
- text changed from 'Search Engines Blocked' to 'Search Engines Discouraged' in [21838]
- removed with the Dashboard redesign in [26144]
- then restored in [26700]",afercia,15
35497,List tables: Post format links improvements,afercia,Administration,,normal,normal,Future Release,defect (bug),assigned,has-patch,2016-01-17T18:12:58Z,2016-10-09T21:12:52Z,"In the Posts list table, when posts have a post format, an icon link is displayed next to the Post title (see screenshot below).
[[Image(https://cldup.com/odYs24tIMz.png)]]
Ideally, since this is a tabular data, the post format should be in a dedicated table column. By the way, list tables have already several columns and plugins can add their own ones so this change should be carefully considered and would probably require some discussion.
Meanwhile, there are a couple of simple improvements that could be easily implemented:
'''Clarify the link purpose'''
Currently the link says, for example, ""Video"" while clicking on it brings users to a list of all posts with that format. It should probably say ""View all posts with video format"" and at the same time make clear that post has a video format. Bit tricky but I'm confident a proper wording would solve this issue.
'''Color contrast'''
Should be improved. The icon's color is `#ddd` on a background color `#ffffff` or `#f9f9f9` with a contrast of, respectively, 1.4:1 and 1.3:1. Should be at least 4.5:1.",afercia,13
33049,Media Library toolbar: spinner position on small screens,,Media,4.2,normal,normal,Awaiting Review,enhancement,new,,2015-07-20T17:16:22Z,2016-10-09T21:07:21Z,"After [changeset:31996] the spinner position is now generally improved across the admin. There are still places where it can be further improved though, especially for small screens.
Please see the screenshot below, on the left how the spinner is currently being displayed. Since it's hidden with `visibility: hidden` it does reserve space and thus there's a big space between form elements.
Considering also translations, the form fields length is unpredictable, they could be displayed in three rows or four rows or just tow, depending on the viewport width and basically there's no easy CSS solution if we still want to display the spinner ""inline"".
One possible solution could be the one on the right in the screenshot: under a certain viewport width, just give the spinner an absolute position in order to have it centered in a semi-transparent overlay. This would work regardless of the form fields length, number of lines, etc.
I'm not a designer :) but I'd like to bring this to the UI/design team attention.
[[Image(https://cldup.com/S-TkeXpowi.png)]]",afercia,2
37914,Taxonomy: Allow terms to be previewed before publishing,,Taxonomy,4.7,normal,normal,Future Release,enhancement,new,dev-feedback,2016-09-01T20:40:31Z,2016-10-09T19:37:28Z,"There is currently no mechanism to preview or draft taxonomy terms. As soon as a draft post with new terms is saved, for example, the new term is published, visible to other users in wp-admin, and could be visible on the front end of the site depending on the theme and plugins.
The lack of a draft or preview mechanism also makes it impossible to manage terms in the customizer. Long term, the goal is to enable posts and terms to be able to be live-previewed with front end context, based on functionality being developed in the [https://github.com/xwp/wp-customize-posts Customize Posts] and, now, [https://github.com/xwp/wp-customize-terms Customize Terms] plugins.
In 4.7, with the new ability to create posts wintih nav menus (#34923), we'd like users to also be able to create terms so that they an set up their site structure. Unfortunately this is not possible until we have a mechanism for previewing terms. I'm currently milestoning this for 4.7 so that we can try to add support for that feature (in a separate ticket), but this ticket is for API support only and still may be more than we can complete in time for 4.7.
Based on comments from @boonebgorges on #34923, there are a couple of potential approaches for enabling term previewing:
- Introduce a `term_status` field
> Even if we don't have anything as robust as a ""term status API"", we still have to be sure that, at the very least, term_status != 'publish' terms are excluded from most queries - a change that has the potential for weird back compat issues.
- An internal taxonomy for draft terms, which may be more conservative but also more complex, especially if we want to support things like hierarchy for draft terms.
> It may be easier (maybe more code, but fewer hacks) to do on-the-fly registration of a separate internal taxonomy for each taxonomy that's getting a draft term added via the Customizer.
We'll want a future-proof solution that can support term meta being previewable as well. `auto_draft` posts are the inspiration on the posts end for the customizer approach.",celloexpressions,8
11895,Allow more specific image size editing,,Media,,normal,normal,Future Release,feature request,new,dev-feedback,2010-01-14T15:12:28Z,2016-10-09T18:35:32Z,"Instead of allowing only some combinations of 'thumbnail', 'medium', 'large', 'full' I would like to have the ability to select which of these I would like to crop. So for example, only 'thumbnail' and 'medium'. With the current trunk this is not possible. I created a patch that adds this ability by changing the radio boxes of ""apply changes to"" in the image-edit page to checkboxes for each of the 4 possible sizes.",frankgroeneveld,18
38270,Better handling of widget errors,,Widgets,4.7,normal,normal,Awaiting Review,enhancement,new,close,2016-10-09T15:34:33Z,2016-10-09T18:26:33Z,"This change makes debugging broken widgets a lot less painful -- in case of errors in widgets this will allow the site to load and the developer to see the error messages instead of just blowing up with the ambiguous error message ""Class not defined"".
https://github.com/WordPress/WordPress/pull/207#issuecomment-252338814",dustwolf,2
38272,Media Library - Featured image is marked as Unattached,,Media,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-09T18:06:50Z,2016-10-09T18:06:50Z,"Ive been struggling with this for quite some time. But with more images and posts, it started to bother me A LOT.
So I noticed that when selecting a post Featured image that is already loaded into the Media Library, that image show ""Unattached"" in the ""Uploaded to"" column in the Media Library.
I have 1000 pictures uploaded to Media Library and now one by one Im attaching it to the post using featured image option. The problem ... I have no clue which image i have already used. I found quite few posts about this issue but there is no real solution.
I hope someone can finally look into it and fix it once and for all - its been years.",mikehaceman,
36183,Twenty Fourteen: Incompatibility with Right-To-Left (RTL) webpages AND the default video player,,Bundled Theme,4.4.2,normal,normal,Awaiting Review,defect (bug),reopened,,2016-03-09T16:40:56Z,2016-10-09T15:03:27Z,"First problem: There's a horrible bug in the Wordpress theme-foundation (Not only the Twenty-Fourteen theme that I currently use) that affects all objects that depend on the orientation, including drop-down menus. For example, in this page:
http://link.afach.de/rtlproblem
Apparently the menus are hidden to the fore-left, and then appear as drop-down when one hovers on them. Now the problem is that they really show up on the fore-left, creating an infinitely long horizontal scroll-bar. In the webpage, I fixed this problem using the CSS Tags:
{{{
.primary-navigation ul ul, .primary-navigation ul ul ul {
left:auto;
right: -999em;
}
.primary-navigation ul li:hover > ul, .primary-navigation ul li.focus > ul {
right: auto;
}
}}}
which I got from an expert on Stackoverflow after this problem drove me really crazy because I, myself, am not a CSS expert. Anyway, please visit that page, and remove these tags, and see how the menus will appear, creating a very long horizontal scroll-bar that ruins the page.
Second problem: The same problem also exists with the default Wordpress video player. Without the following tag:
{{{
.mejs-offscreen{
right: -10000px;
left: auto;
}
}}}
the video-player will also create a very long horizontal scroll bar. Please try to remove it from the page and see for yourself.
Thank you for the great platform, Wordpress. I love it!",samerafach,6
37926,Twenty Eleven & Twenty Twelve: Dropdown category widget exceeds parent div when strings are long enough,,Bundled Theme,4.6,normal,normal,Future Release,defect (bug),new,,2016-09-02T20:40:55Z,2016-10-09T15:02:57Z,"On Twenty-Eleven and Twenty-Twelve, the drop down menu at the Category Widget exceeds the size of the main body of the website and overlaps with other widgets at the footer.
Image Twenty-Eleven: ​https://cloudup.com/ca0bAvmzqz4
Image Twenty-Twelve: https://cloudup.com/cnK1axsIQ9a
Footer overlap: https://cloudup.com/cecneIc8O3b
'''How to replicate:'''
Activate Twenty eleven
Go to Categories > new
Add a category with > 30 characters
Create a post or edit existing one and assign the category
Go to Appearance > Widgets > Categories widget > check ""Display as dropdown"" checkbox
'''Proposed fix:''' (Fixed the main issue but not tested properly for all cases)
#cat {
max-width:100%;
} ",gma992,3
37536,Twenty Fifteen: Improve sticky sidebar logic.,,Bundled Theme,4.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-08-01T10:46:50Z,2016-10-09T15:02:32Z,"The current logic in TwentyFifteen (#30366) for making the sidebar sticky while still allowing to scroll through it when the sidebar height is larger than the viewport height is flawed and massively overcomplicated.
This results in buggy behaviour when third-party code (in plugins) add body padding, for example.
'''Steps to reproduce buggy behavior:'''
{{{#!php
document.body.style.paddingTop = '50px';"";
});
}}}
Basically any plugin that implements admin bar like behavior will cause problems, with the sidebar thinking it has to apply a top offset where it actually doesn't have to do anything.
This can be mitigated by removing the admin bar specific logic and leaving most of the heavy lifting up to the browser. ",DvanKooten,2
32306,wp-cron throws 500 errors for SSL enabled sites,,Cron API,4.2.1,normal,critical,Awaiting Review,defect (bug),reopened,reporter-feedback,2015-05-08T07:49:05Z,2016-10-09T11:09:44Z,"I have several WP installs that are throwing 500 error codes when calling wp-cron.php after a pageview. The error is not consistent - it will sometimes return 200, and sometimes 500. All the installs I see this on use SSL with properly signed certs with SNI in use on the server under Apache. Instances on the same server where do not use SSL have not shown this issue at all.
I have managed to reproduce this on a clean WP install running twentyfifteen with no plugins installed so it doesn't appear to be plugin related.
Oddly, I don't get any PHP warnings when it happens (though I've tested that if I force a php script in the same pool to throw an error, it does get captured) - I do get the following recorded in the Apache Virtualhost error log (redacted):
[Fri May 08 08:29:34.479946 2015] [core:error] [pid 13870:tid 140644332824320] [client xxxx:xxxx:x:xx:xxxx:xx:x:x:57492] AH00524: Handler for fastcgi-script returned invalid result code 32
Apache access log (redacted):
xxxx:xxxx:x:xx:xxxx:xx:x:x - - [08/May/2015:08:29:26 +0100] ""POST /wp-cron.php?doing_wp_cron=1431070166.8151741027832031250000 HTTP/1.0"" 500 4066 ""-"" ""WordPress/4.2.2; https://www.domain.com""
System config is as follows:
* Fully patched Debian Jessie running on amd64 arch with kernel 3.16.0
* Webserver: Apache/2.4.10 (Debian), mod_fastcgi/mod_fastcgi-SNAP-0910052141, mod_fcgid/2.3.9, mod_python/3.3.1, Python/2.7.9, OpenSSL/1.0.1k
* MySQL 5.5.43-0+deb7u1
* PHP 5.6.7+dfsg-1 running under PHP-FPM (seen with and without opcache in place)
* Wordpress 4.2.2 fresh install (also seen on 4.2.1) with all plugins removed.
The server listens both on IPv4 and IPv6 - I've tried forcing wp-cron to use IPv4 by setting the hostname in /etc/hosts but that makes no difference.
Refer also to :
https://wordpress.org/support/topic/wp-cron-throwing-500-errors-on-ssl-sites?replies=9",coatesg,7
38261,A FORCE_SSL_SCRIPTS constant,,Security,,normal,normal,Awaiting Review,enhancement,new,,2016-10-08T17:06:12Z,2016-10-09T04:29:05Z,"If this constant is set, we will:
- Force local enqueued scripts and styles to https
- Force non-local enqueued scripts and styles to https",LoreleiAurora,1
38266,Tests: Use assertSame() when the type of the value in the assertion is important,,Build/Test Tools,,normal,normal,Future Release,defect (bug),new,,2016-10-09T01:38:36Z,2016-10-09T01:57:15Z,"Several tests use `assertEquals()` on a falsey value where the type is important to the accuracy of the test.
For example, in `Tests_Cache::test_miss()`, a value is tested against an expected `NULL` value using `assertEquals()` which will produce a false positive if another falsey value such as `0`, `false`, or an empty string is passed. These means these such assertions are actually buggy.
Using `assertSame()` instead of `assertEquals()` will cause the type to be checked in addition to its value.",johnbillion,1
36786,Can't pass filter names to `MockAction::get_call_count()`,,Build/Test Tools,,normal,normal,Future Release,defect (bug),new,has-patch,2016-05-09T04:20:03Z,2016-10-09T01:30:57Z,"The first of these tests works as expected, but the second generates an ""Undefined index"" notice.
{{{#!php
assertSame( 1, $ma->get_call_count( 'action' ) );
}
function test_get_call_count_filter() {
$filter = rand_str();
$ma = new MockAction();
add_filter( $filter, array( $ma, 'filter' ) );
apply_filters( $filter, rand_str() );
$this->assertSame( 1, $ma->get_call_count( 'filter' ) );
}
}}}
The attached patch attempts to fix the notice and allow passing filter names to `get_call_count()`.
",dlh,
38265,Add term_relationship_id column to wp_term_relationships,,Taxonomy,,normal,normal,Awaiting Review,feature request,new,dev-feedback,2016-10-09T01:11:01Z,2016-10-09T01:11:01Z,"I have a need to attach additional information to the post/term relationships themselves. I'd prefer not to stash this data in postmeta or termmeta, as this data is strictly about the connection between the two, and not about either object.
Naturally, my solution for this is to create a metadata database table (like we did with comments years ago, and taxonomy terms recently.) The first of many steps towards a `term_relationshipmeta` database table is that `wp_term_relationships` lacks a `term_relationship_id` primary column in the database.
----
On the extreme end of this idea, probably lives a `WP_Term_Relationship` object, with methods for adding/editing/removing relationships, which the `wp_*_object_terms` functions would become wrappers for.
Before any of that is really feasible, or for very much work to continue even in private as a plugin first, term relationships need a unique identifier.",johnjamesjacoby,
38264,Tests: Uploads aren't deleted after running individual tests,,Build/Test Tools,,normal,normal,Awaiting Review,defect (bug),new,,2016-10-08T23:46:02Z,2016-10-08T23:46:02Z,"Steps to reproduce:
1. Run `phpunit` and verify the tests pass.
2. Run `phpunit --filter test_wp_get_attachment_image_should_use_wp_get_attachment_metadata` and verify the tests pass.
3. Run `phpunit --filter test_wp_get_attachment_image_should_use_wp_get_attachment_metadata` a second time and observe that the tests fail.
View the contents of your site's `uploads` directory and you'll observe that the `2016/10/test-image-large.png` file and its resized versions haven't been deleted, and get created anew each time the test runs.
The same thing happens when running any test on its own that adds an attachment. The reason the `test_wp_get_attachment_image_should_use_wp_get_attachment_metadata` test fails the second time is because of its overly strict assumption about the contents of the `` tag. This failure caused me to notice the fact that the upload file wasn't being deleted.",johnbillion,
38262,Task: Opt in SSL Improvements,,Security,,normal,normal,Awaiting Review,enhancement,new,,2016-10-08T17:06:50Z,2016-10-08T17:28:45Z,"In the core-https meeting we have been discussing how we can improve opt in support for https.
The first stage of this is to introduce constants to force https on various components.
This ticket is the canonical place for this discussion.
So far we are proposing the below constants:
{{{FORCE_SSL}}} #28521
{{{FORCE_SSL_CONTENT}}} #38259
{{{FORCE_SSL_CANONICAL}}} #38260
{{{FORCE_SSL_SCRIPTS}}} #38261
These will be in addition to the existing {{{FORCE_SSL_ADMIN}}} constant.",LoreleiAurora,1
38260,A FORCE_SSL_CANONICAL constant,,Security,,normal,normal,Awaiting Review,enhancement,new,,2016-10-08T17:04:21Z,2016-10-08T17:04:21Z,"If this constant is set, we will:
- Force canonical links to https
- Turn on {{{FORCE_SSL_CONTENT}}} - see #38259",LoreleiAurora,
38259,A FORCE_SSL_CONTENT constant,,Security,,normal,normal,Awaiting Review,enhancement,new,,2016-10-08T17:03:15Z,2016-10-08T17:03:15Z,"If this constant is set, we will:
- Force local URLs within content to https
What we won't do:
- Force non-local URLs within content to https
- Force the https version of oEmbeds just yet - see #28507",LoreleiAurora,
28227,Customizer: Error message instead of blank screen,,Customize,3.9.1,normal,normal,Future Release,enhancement,new,,2014-05-12T19:32:47Z,2016-10-08T15:53:10Z,"When Customizer can't load due to an error, there's no indication as to what's going on. It would be nice if some information was presented instead of seeing a blank screen on the right side.",alexander.rohmann,6
37535,Outputting Post Type Description on admin edit screen,,"Posts, Post Types",4.6,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-08-01T06:14:19Z,2016-10-08T00:12:35Z,"When registering a custom post type you can[https://codex.wordpress.org/Function_Reference/register_post_type#description specify the description] as part of the arguments you pass into `register_post_type`. I would expect that somewhere in the back-end of WP this description would be shown, however it isn't.
It would be great if we could output the description right below the title of the post type when viewing the entries table (as I've done below)
[[Image(https://goo.gl/IwzNmi)]]
I've updated `edit.php` inside of `wp-admin` and added the following code after the main H1 tag
{{{
description){
echo '

';
echo esc_html( $post_type_object->description);
echo '

';
}?>
}}}
It's a pretty small update but its pretty useful for clients so that know what this admin edit screen is for. I use them for outlining what type of content will be added here.
If the content type doesn't have a description nothing is outputted.
I can submit a pull request since it's a fairly straightforward change.
Cheers
Simon
",simonrcodrington,5
16612,WordPress should return nocache headers for requests with comment cookies,,Comments,,normal,normal,Future Release,enhancement,new,dev-feedback,2011-02-21T22:45:21Z,2016-10-07T22:55:56Z,"Most themes, when displaying the comment form, change the HTML to pre-fill username, email address, and website when comment cookies are received in the HTTP request. Since the response does not have explicit nocache headers, per RFC2616 (http://www.ietf.org/rfc/rfc2616.txt) intermediate caches can use heuristics to determine the cache TTL for the response. Since there is 0 freshness data in the response, it is not really possible to perform good heuristics, but in practice, caches will assign a default TTL to this type of response. The result is that private information input by user A when submitting a comment can be returned to user B when making a request for the same URL.
To protect ourselves against this, we should call nocache_headers() when comment cookies are sent and the comment form is being displayed. Alternatively, we can send nocache headers for all requests with comment cookies regardless of the comment form being displayed or not (probably easier and maybe safer).
http://humboldtherald.wordpress.com/2011/01/27/gremlins/ is a story likely caused by an aggressive cache and the lack of nocache headers.",barry,7
24603,Introduce pre_move_uploaded_file filter to allow pre-processing of uploaded files,,Upload,,normal,normal,Awaiting Review,enhancement,new,has-patch,2013-06-19T10:47:18Z,2016-10-07T20:12:05Z,This is handy for use in file replication plugins. We've been using this on wordpress.com for awhile for just that purpose.,ryan,4
34093,New filter: `get_calendar_post_type` in get_calendar(),,Widgets,,normal,normal,Future Release,enhancement,new,needs-unit-tests,2015-09-30T06:19:27Z,2016-10-07T20:09:03Z,Filter for post type in calendar. If I want show posts from others post type,sebastian.pisula,6
31072,Slow comment-related query slowing down Dashboard,,Comments,4.1,normal,normal,Future Release,defect (bug),reopened,has-patch,2015-01-20T12:02:23Z,2016-10-07T20:07:08Z,"Not sure if it's related to #22301, but I sniped a query running when the Dashboard is running on a busy site with 810k entries in the wp_comments table.
The unoptimized query is as follows:
{{{
SELECT
comment_approved,
COUNT(*) AS num_comments
FROM
wp_comments
WHERE
comment_type != 'trackback'
AND comment_type != 'pingback'
GROUP BY
comment_approved
}}}
The query doesn't use an index and ends up in the nasty `Using where; Using temporary; Using filesort`. This query runs in 3+ seconds for me.
The following index resolves the issue, though the query is still relatively slow (0.6s, but this timing is much more consistent across runs, even with SQL_NO_CACHE): (`comment_approved`, `comment_type`). Now the query uses a much less nasty `Using where; Using index`.",archon810,4
21112,Add pre_wp_unique_post_slug to override post slug handling,johnbillion,Permalinks,3.4,normal,normal,Future Release,enhancement,reviewing,needs-docs,2012-06-29T14:38:32Z,2016-10-07T19:49:46Z,"As originally [http://core.trac.wordpress.org/ticket/20480#comment:4 proposed] in the comments of #20480 (and in fact further back in a [http://core.trac.wordpress.org/ticket/14111#comment:4 comment] for #14111), a `pre_wp_unique_post_slug` filter early in `wp_unique_post_slug()`could be useful and justified for some use cases rather than relying on the existing and late-firing `wp_unique_post_slug` filter for a couple reasons:
* `wp_unique_post_slug()` (and thus this new filter) is not high use, so won't impact performance
* `wp_unique_post_slug()` performs database queries (perhaps repeatedly until a unique slug is found), fires other filters, etc, all of which may be rendered moot if a hooking function's intent is to fully implement its own slug generation/handling logic. The pre slug could short-circuit that unnecessary effort.
The attached patch introduces the new filter in addition to adding related phpDocs.",coffee2code,6
19272,Add Filter to Nav Menu Support Themes Text,,Menus,,normal,trivial,Future Release,enhancement,assigned,needs-docs,2011-11-16T22:47:52Z,2016-10-07T19:32:18Z,"Frameworks could use a filter here to customize the message: _n('Your theme supports %s menu. Select which menu you would like to use.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations ). For example, it may be the child theme that doesn't support the menus. Also, if none are supported (say via add_theme_support), then when it's zero, it says: ""Your theme supports 0 menus. Select which menu appears in each location."" (which doesn't make much sense). So adding a filter can enable theme developers to further customize.
An example use case:
add_filter( 'nav_menu_theme_support_text' , 'wps_nav_menu_theme_support_text' );
function wps_nav_menu_theme_support_text ( $num_locations ) {
if ( $num_locations == 0 )
$text = 'Your child theme does not support custom menus.';
else
$text = _n('Your theme supports %s menu. Select which menu you would like to use.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations );
return $text;
}",wpsmith,5
16365,Comment transition for new comments,,Comments,3.1,normal,minor,Future Release,enhancement,new,needs-docs,2011-01-24T21:07:46Z,2016-10-07T19:30:00Z,"As far as I can tell wp_transitions_comment_status() does not get called for new 'comments' based on my testing and review of comment.php in wp-includes.
There is a similar transition for posts that gets called for new 'posts' including hooks like 'new_to_publish' and 'new_to_private'.
I feel that there should be a similar hook to this form comments so that plugins can hook into new comments differently from comments moved from one existing status to another (like comment_unapproved_to_approved'.",MattyRob,24
15533,wp_get_nav_menu_items order doesn't work,,Menus,3.0,normal,normal,Awaiting Review,defect (bug),assigned,needs-docs,2010-11-21T22:18:01Z,2016-10-07T19:16:38Z,"Argument order doesn't work when output is ARRAY_A since on the end of function wp_get_nav_menu_items there is a usort on the $items array what will be returned.
Since out ARRAY_A is the default output this can give strange behaviour.
The code that gives the problem:
{{{
if ( ARRAY_A == $args['output'] ) {
$GLOBALS['_menu_item_sort_prop'] = $args['output_key'];
usort($items, '_sort_nav_menu_items');
$i = 1;
foreach( $items as $k => $item ) {
$items[$k]->$args['output_key'] = $i++;
}
}
}}}",markoheijnen,7
15332,dbDelta($query) - do not create view,,Database,3.0.1,normal,normal,Future Release,feature request,reopened,needs-unit-tests,2010-11-07T14:23:52Z,2016-10-07T19:07:58Z,"during plugin creation I create few tables with dbDelta($query). that is working without problems.
But on the end I create two views on this tables with dbDelta($query) - that is not working. The views are not created.
The sql is ok, manually the create works.",christian_gnoth,14
34109,Incorrect URL scheme for media in the admin area when using administration over HTTPS,jeremyfelt,Media,,normal,major,Future Release,defect (bug),assigned,has-patch,2015-10-01T11:24:35Z,2016-10-07T18:53:59Z,"It seems that we no longer have a ticket addressing this issue.
On a site where `siteurl` and `home` use the `http` scheme but `FORCE_SSL_ADMIN` (or `force_ssl_admin()`) is set to true, media in the admin area is incorrectly served with the `http` scheme and therefore produces mixed content warnings. When `siteurl` uses the `https` scheme, media is served over `https` as expected.
This affects the media library, the media manager, featured images, comments on attachments, actively editing an image on its attachment editing screen, and media-new.php.
Curiously, the attachment editing screen itself isn't affected until you click 'Edit Image', which means there's most likely a bug there.
This was previously tackled by #15928 ([31614]) for 4.2, but was reverted in #32112 ([32342]) for 4.2.2 because it resulted in media with the `https` scheme being inserted into post content, which is not desirable (eg. due to a self-signed cert or restrictions placed on access to the `https` host).
It's likely that altering the behaviour of `wp_get_attachment_url()` will have unintended consequences (as above), so we might need to consider the introduction of a new function which is used specifically for media item URLs in the admin context. The introduction of a `$scheme` parameter to `wp_get_attachment_url()` ''might'' work, but probably not.",johnbillion,34
33821,redirect_canonical does not consider port in $compare_original,,Canonical,2.3,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2015-09-11T03:18:16Z,2016-10-07T17:08:43Z,"In the `wp-includes/canonical.php` file the `$requested_url` is built starting at line 64. It combines `is_ssl()` for protocol, `$_SERVER['HTTP_HOST']`, and `$_SERVER['REQUEST_URI']` - but it does not consider `$_SERVER['SERVER_PORT']`
This causes a redirect loop for us because we run HTTPS on port 8443.
I suggest checking to see if a port other than 80 or 443 is being used and adding that as part of the comparison - suggested patch attached.",willshouse,5
33547,Smilies are served over http instead of https and create mixed content when logged in,johnbillion,"Posts, Post Types",,normal,normal,Future Release,defect (bug),assigned,needs-unit-tests,2015-08-25T20:24:53Z,2016-10-07T17:03:04Z,"When I'm logged in into admin panel and view my website, the smilies are served over http instead of https which causes that there is mixed content and no graphics are displayed on the website at all.",Strzyga,8
31405,upgrade.php fails with mixed HTTPS (SSL) and simple HTTP sites,,Upgrade/Install,3.0,normal,normal,Awaiting Review,defect (bug),assigned,has-patch,2015-02-21T19:28:16Z,2016-10-07T16:55:08Z,"upgrade.php fails with mixed HTTPS (SSL) and simple HTTP sites
The bug is discussed here
http://wordpress.stackexchange.com/questions/156642/how-to-use-wordpress-multisite-with-mixed-http-and-https-sites
I also add a patch that solves the SSL upgrade issue in my case.",intersol,17
31076,Multisite signup functions don't support SSL,,Login and Registration,,normal,normal,Future Release,defect (bug),new,,2015-01-20T16:21:57Z,2016-10-07T16:51:42Z,"[source:tags/4.1/src/wp-signup.php#L612 confirm_blog_signup()], [source:tags/4.1/src/wp-signup.php#L361 confirm_another_blog_signup()], and [source:tags/4.1/src/wp-includes/ms-functions.php#L768 wpmu_signup_blog_notification()] use hardcoded `http://` links.",SergeyBiryukov,3
27954,Add FORCE_SSL option to enable HTTPS everywhere on the site,johnbillion,Security,4.0,normal,normal,Future Release,task (blessed),reopened,has-patch,2014-04-21T16:59:04Z,2016-10-07T16:46:38Z,"We have the option to FORCE_SSL_ADMIN and FORCE_SSL_LOGINs, but not to FORCE_SSL for everyone everywhere.
Aside: It appears wordpress.com force's SSL everywhere",bryanquigley,22
25449,wp_upload_dir() doesn't support https,,Upload,3.8,normal,major,Future Release,defect (bug),new,has-patch,2013-09-30T13:11:15Z,2016-10-07T16:41:29Z,"The wp_upload_dir() function does not support https. I have added a simple is_ssl() check and a string replacement to serve the correct URL type.
'''Background behind what prompted me to write the patch:'''
I read a blog post by Kaspars Dambis in which he discussed fixing this problem via his own plugin, but it seems to me that since WordPress outputting an incorrect URL, that it would make most sense to fix it there.
http://kaspars.net/blog/wordpress/minit-plugin-ssl-https
",ryanhellyer,31
17541,Blogger-XMLPRC API does not work with Multisite/SSL/DMZ combination,westi*,XML-RPC,3.2,normal,major,Future Release,defect (bug),accepted,has-patch,2011-05-23T07:26:29Z,2016-10-07T16:26:40Z,"I have the following setup:
My WordPress Blogs (multisite) are set up behind a firewall that exposes the public address via SSL. Inside my DMZ I'm only using HTTP, so that's what WordPress sees. When I now try to access the blogger.getUsersBlogs XMLPRC-API, I get an empty result back.
I analyzed the WordPress source code and found out that the blogger.getUsersBlogs method in the file wp-includes\class-wp-xmlrpc-server.php uses another XMLRPC call to the wp.getUsersBlogs method in case of the multisite. I further checked and found out that this appears to be the only case in which WordPress executes a remote call itself to sevice the request. I then replaced the logic in _multisite_getUsersBlogs with the multisite part from wp_getUsersBlogs and it worked.
I aso found an issue that might be related: http://core.trac.wordpress.org/ticket/16402
But since the source code in the trunk still uses the regular IXR_Client, I'm not sure if this would fix the issue.
I attached my fix as a patch, but it's not refactored to remove code duplication since I don't have a dev-environment set up for WordPress.
Michael",michael_k,6
16979,Extra hooks needed in comment process,,Comments,,normal,normal,Future Release,enhancement,new,has-patch,2011-03-27T06:06:54Z,2016-10-07T16:14:09Z,"I'm running into a few commenting issues whilst building a plugin with a custom post type..
* Duplicate comment check's cannot be bypassed
* Empty comments are not allowed (In this case, the comment body is empty whilst a set of custom fields acting as metadata are set, meaning, the plugin wants to accept that comment)
* being able to override the wp_die() in the commenting process would be useful (Currently: Duplicate comments, User not logged in, and not all fields filled in will cause this)
One potential solution would be to move [http://core.trac.wordpress.org/browser/trunk/wp-comments-post.php#L55 lines 55-84] from `wp-comments-post.php` to functions hooked to `preprocess_comment`",dd32,14
35196,Unit tests for URL schemes,,General,,normal,normal,Awaiting Review,task (blessed),new,has-patch,2015-12-22T09:15:10Z,2016-10-07T16:03:13Z,"In order to tackle various HTTPS related issues, it would be ideal to have test coverage for the schemes of URLs returned by the URL-generating functions under various conditions.
For example, we know that `admin_url()` should always return a URL with an `https` scheme when `FORCE_SSL_ADMIN` is true. However the scheme in the URL returned by `home_url()` varies depending on the current request's scheme as well as the `home` option's scheme.
We can test all combinations of schemes in the `home` and `siteurl` options, as well as the `force_ssl_admin()` setting, and test the schemes of URLs returned by various functions under various situations (admin vs. front end, and `is_ssl()` vs. not).
Patch coming up soon.",johnbillion,2
36743,Inline link edit not hides in other tabs,,TinyMCE,4.5.1,normal,normal,Future Release,defect (bug),new,,2016-05-03T16:29:28Z,2016-10-07T13:48:20Z,"Hi,
As You can see in the video i have captured, The inline link editor toolbar is still showing in other tabs.
Notes:
1. It will happened any time that You have tabs and editor in screen.
2. It works correctly in WordPress editor when we changing editor mode to text.
It maybe belongs to loading editor in iframe. Hope to help.
",h71,2
37066,Paragraph after break line isn't maintained when saving,,TinyMCE,4.5.2,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-06-09T17:52:58Z,2016-10-07T13:46:21Z,"Reproduce:
Write a new post and do the following:
* Write few words
* Shift + Enter (to break line)
* Write few words
So now you'll have something like that:
{{{
First line..
Second line..
}}}
Now, between the first and the second line, click enter. You will get this
{{{
First line..
Second line..
}}}
You will also see the space between the two lines in the editor.
Now save or switch to html mode
Expected:
Two paragraphs, and space between the two lines.
Current Result:
One paragraph, no space between the two lines.",rellect,1
38248,Extend Widgets UX and Capabilities,,Widgets,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-06T18:11:29Z,2016-10-07T11:25:32Z,"After some great discussion in #37974 and at the recommendation of @folletto, I wanted to create a ticket to help foster the discussion and improvement of widgets in WordPress. As @folletto said:
> Widgets are powerful. Widgets are also massively under-utilized in WordPress. We should totally work to make widgets easier to use, interact (drag'n'drop?).
Here are some critical questions to help guide this:
* How can widgets become more extendable within WordPress?
* How can widgets become easier to use for users?
* How can widgets be easier to work with for themers?
Let's figure out what the next version of Widgets looks like.",davidakennedy,3
33507,Allow widget controls to be JS-driven,westonruter*,Widgets,3.9,normal,normal,Future Release,enhancement,accepted,,2015-08-22T05:30:02Z,2016-10-07T03:57:24Z,"Widgets currently have an almost complete reliance on PHP for all aspects of their behavior:
* Generating the control form via `WP_Widget::form()`
* Validating the instance data via `WP_Widget::update()`
* Rendering the widget into the template via `WP_Widget::widget()`
The dependence on PHP can make managing widgets in WordPress relatively slow. In the Customizer, it can be excruciatingly slow since the widget form control is presented alongside the widget in the preview, and so the slow roundtrip time for sanitization and rendering is clear (especially with full-page refreshes of the Customizer, which is to be mitigated in #27355 via partial refreshes).
In the Customizer, making a change to a widget form field results in an `update-widget` Ajax call to pass the full form data to WordPress to pass it through the widget’s `update` callback for sanitization. The Ajax handler then passes this updated instance through the `form` callback, and the HTML output of the `form` callback then gets sent back in the Ajax response. (Look at the number of Ajax requests triggered when typing into a widget field.) The Customizer widget logic then tries to apply the sanitized instance data by aligning the input fields in the widget form shown in the Customizer with the input fields sent in the Ajax response. When the input fields are aligned (when the same inputs are present), then the inputs’ values will be updated to their sanitized values and a `widget-synced` jQuery event is triggered. But if the inputs cannot be aligned (which can happen easily if any of the fields are created dynamically), then it falls back to showing an Update button which will do a full replacement of the widget form, just as is done on the widgets admin page (and a `widget-updated` jQuery event is triggered). Then finally, once the widget instance is updated, then the Customizer preview can do its full page refresh with the widget instance previewed in the template.
Most of the above logic can be eliminated entirely if widget controls handled rendering of the controls and sanitization of the instance data purely with JavaScript, just like every other Customizer control normally behaves.
Widgets would hugely benefit from a revamp following patterns laid down in Customizer controls. Customizer controls were designed to be JS-driven from the start. A Customizer control gets associated with a Customizer setting, the control then applies the setting data onto the control’s template and the inputs are automatically synced back to the setting—this is accomplished via two-way data bindings provided by `wp.customize.Element`. So controls in the Customizer handle UI validation purely with JavaScript. There is no need for an Ajax request because the logic is in the client. (True this means that the sanitization logic has to be duplicated in PHP and JS, but this can be minimized by adopting a common schema for the input types.)
Naturally these new JS-driven widgets would need to be backwards compatible with existing widgets. We can allow a widget to opt-in to indicate it is JS-driven by supplying a new flag to the seldom-used `$control_options` param to `WP_Widget::__construct()` (which is used to pass the infamous width/height for wide widget form controls), for example:
When this is present, the Customizer would disable the existing update mechanism and defer to the control’s own logic.
Note that these new JS-driven widget controls in the Customizer would be implemented in a very similar way to how nav menu item controls have been implemented in the Customizer in 4.3. The overall widget control would be associated with a single widget instance setting. The widget’s setting would be just the JSON-serializable instance array (object) as opposed to a scalar value, and each property in the setting value would then get mapped to a different `wp.customize.Element` in the widget control: the inputs’ values would then get synced back into property of the setting object value by means of `wp.customize.Element` instances.
Some widget controls would still depend on the server for UI validation, for instance the RSS widget. However, only specific fields would need to be validated as opposed to the entire form. Note again that full server-side validation of the widget instance data would still be required. Ideally the duplication of logic here could be reduced by having a schema that both the JS and PHP validation logic could read from.
While the above focuses specifically on making the `WP_Widget::form()` and `WP_Widget::update()` both JS-driven, there may also be an opportunity to allow widgets to opt-in to JS-driven rendering of a given widget (i.e. implementing `WP_Widget::widget()`, in JS). This would make a lot of sense if the widget defined its template in Mustache (or Twig) and then allowed the instance array to be applied to that template either server-side or client-side. The effect for client-side would be postMessage instant previews of changes to widgets in the Customizer. The PHP-driven performant alternative to this would be partial-refresh as outlined in #27355.
By using JS-driven widgets, we will be able to use control templates for the widget controls as opposed to having to include a separate copy of the widget form with each control's params. This can drastically reduce the page weight, since the control template only needs to be included once.
By implementing JS-driven widget controls, the user experience of managing widgets would be vastly improved and the server load would be greatly reduced.
Depends on #35574 (Add REST API JSON schema information to WP_Widget)
See feature plugin: https://github.com/xwp/wp-js-widgets",westonruter,14
38071,Add status links to network/sites.php,,Networks and Sites,3.0,normal,normal,Future Release,enhancement,new,needs-unit-tests,2016-09-15T19:08:13Z,2016-10-06T22:12:04Z,"Although sites have a ""status"" property, there is no interface for identifying what sites have which statuses, or their associated counts.
Screens that do have this:
* Posts
* Pages
* Users
* Comments
* Plugins
* Themes (network or list view)",johnjamesjacoby,10
37217,get_network_by_path should use WP_Network_Query,flixos90,Networks and Sites,4.6,normal,normal,Future Release,enhancement,reviewing,needs-unit-tests,2016-06-28T22:28:41Z,2016-10-06T21:28:15Z,"The get_network_by_path is used in the bootstrap process to load the network object. With the new WP_Network_Query class, we should use that to load the network object. Using WP_Network_Query we gain filters and caching.",spacedmonkey,6
33967,"MS Sites: content of the users column should be by choice, number is not too informative",,Networks and Sites,4.3,normal,normal,Future Release,enhancement,assigned,dev-feedback,2015-09-22T13:43:11Z,2016-10-06T20:49:09Z,"I sadly noticed, that on network admin -> sites, the users column only shows numbers now.
It looks nicer with the less data, but on the other hand we used that information.
I ask, it is possible to make it choosable, or at least, list the users in the excerpt listing mode?
Why I ask this:
We have a multisite install with many blogs and open registration. Because of that we sometimes have spam blogs.
We frequently delete those spam blogs with its user(s), but now it's more complicated, because we don't see the email (user) at first. We have to open it on a new window (by clicking on the number of users).
That slows down the process.
And in some cases, just from the registered user (email) we saw if it was a spam blog or not.",katazina,26
36734,Filter for preview button,,Editor,,normal,normal,Awaiting Review,feature request,new,,2016-05-02T15:41:26Z,2016-10-06T18:45:36Z,"Hey guys.
First of all thank you for the great job you do every day with this project. Before I created a PR I would like to ask if we can have a filter for the '''Preview''' button. At the moment we can ""hide"" the button via inline CSS on the admin or JS but I would like to know if there is a chance to include a filter that we can use from our themes or plugins to hide this button where is required.. Since I saw the only way to hide this field is if the publicly_queryable is false.
I think if we have a filter that we can use to easily hide this button under certain circumstances might be useful for some scenarios such as:
- WP is used only to manage and create and API and the view is consumed via a APP or a FE that is not linked with the WP Themes such as an Angular or React project.
Plus this filter will not have any side effect on the current or normal sites that still uses the normal WP Themes.
Thank you for your work again, and please let me know what are the next steps on this one and I will be happy to send a PR for adding the required filter, just wanted to make sure you are ok with this type of changes.
So far this might be a possible approach:
{{{#!php
'' ) )` and needlessly & badly loads up all 60,000 terms into memory of the custom taxonomy
* `wp_insert_term()` then see's an empty slug and ultimates settles on a setting the slug to the numeric ID of the term somehow
* `wp_insert_term()` finally inserts a term with a numeric slug and empty `name` field
I think at a minimum, we should verify that the term name is still valid after term sanitisation. See patch for that.",dd32,1
31906,Select multiple menu items in Appearance > Menu,,Menus,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2015-04-06T14:39:32Z,2016-10-06T11:34:29Z,"It would be nice to be able to select multiple menus in Menu Structure (eg. for deletion or changing position).
At this time you are only able to select multiple menus to add.",kosvrouvas,3
38239,Add font-size to root HTML element for rem support?,,Administration,4.7,normal,normal,Awaiting Review,enhancement,new,,2016-10-05T22:12:26Z,2016-10-05T22:12:26Z,"Currently the `common.css` file does not define font-size in the `html` element, which if a plugin is using `rem` for font-size, will be based on `16px` default, instead of the `13px` which is set in the `body`.
To add support for WordPress' default font-size of `13px`, the `font-size` in the root `html` element, would need to be set to something like `font-size: 81.3%` which would match the `body` font-size of 13px, calculated by `13/16 = 0.8125`
Something to consider regarding this ... if we were to implement setting font-size in the `html` element, this could cause issues for any devs that are using `rem` for admin pages, they may have already adjusted their code to handle the `16px` default instead of WordPress' `13px` set for body.
https://core.trac.wordpress.org/browser/trunk/src/wp-admin/css/common.css#L204
https://www.w3.org/TR/2013/CR-css3-values-20130730/#font-relative-lengths
https://gist.github.com/glueckpress/5653233",tripflex,
36770,Enabling FORCE_SSL_ADMIN and FULL SITE breaks wp-cron.php,,Cron API,4.5.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-05-05T21:24:57Z,2016-10-05T21:06:26Z,"Hello,
As in #12609 ages ago, in 4.5.1 I have enabled SSL for whole my website by default including SSL for admin. Noticed that none of the jobs that shall be run through CRON not running, like UpdraftPlus backup, Google Feed for Product refresh etc.",idarek,5
37753,The Edit button on a gallery does nothing unless you first click on the gallery.,,Editor,4.6,normal,normal,Future Release,defect (bug),new,,2016-08-20T18:14:56Z,2016-10-05T18:26:44Z,"The `Edit` button on galleries does nothing when clicked unless you first click on the gallery, and bring it into focus (blue highlighted border).
Steps to reproduce:
1. Edit a page containing a gallery.
2. Without clicking anything else on the page, hover over and click the gallery edit button.
3. Nothing happens.
4. Click the gallery itself, bringing it into focus.
5. Click the gallery edit button.
6. Gallery edit window opens as intended.",efco,2
37134,Allow filtering of safecss_filter_attr,,Formatting,4.6,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-06-21T04:16:08Z,2016-10-05T17:43:07Z,"It would be helpful if sites could customize the allowed CSS. This would work around #24157 (which is 3+ years old).
In kses.php, we could solve this by filtering safecss_filter_attr. Diff attached.",paulschreiber,8
31520,wp_cache_get generates fatal error,,Cache API,4.1.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2015-03-04T08:47:40Z,2016-10-05T13:33:18Z," There are timing issues in WP where some code in plugins, specifically wp super cache, make called to wp_cache_get before $wp_object_cache is initiated.
This generates a fatal error in php and can often send apache crashing.
This only occurs n wp_cache_get() and it seems as if the easiest solution is to check to see if $wp_object_cache is actually initaited and/or an object before calling its get() function.
… at /var/sentora/hostdata/zadmin/public_html/freemaal_in/wp-includes/
cache.php (113)
…at /var/sentora/hostdata/zadmin/public_html/freemaal_in/wp-includes/
option.php (54)
…/public_html/freemaal_in/wp-content/plugins/wp-super-cache/
wp-cache-phase2.php (255)",jatingupta2k,2
18161,Bulk action: Add user to multiple sites,,Users,3.2,normal,normal,Future Release,feature request,reopened,,2011-07-18T19:07:04Z,2016-10-05T12:15:00Z,"Currently, to add a single user to multiple sites, the super admin has to edit each site, add the user to the site, and then go on to the next site.
To improve this workflow, it would tremendously useful to be able to add a single user to multiple sites in the network admin.
This ticket could have scaling problems to solve.",danielbachhuber,7
34796,Facing an issue when using wp_remote_get with streams (non-blocking mode),rmccue*,HTTP API,4.3.1,normal,normal,Future Release,defect (bug),accepted,reporter-feedback,2015-11-26T22:45:06Z,2016-10-05T03:43:39Z,"On some hosting providers (like wpengine.com) I've encountered an issue when using wp_remote_get with streams (non-blocking mode) which on the other hand uses PHP native functions stream_socket_client, stream_context_create and stream_set_blocking. The issue is that HTTP request (non-blocking) never succeed, it just hangs/stuck on the initial call of stream_socket_client and neither errors or exception are generated. I've investigated the issue deeper and it seems that many people over the Internet have it. The issue can be resolved after invoking stream_socket_client we put usleep(5000) and then stream_set_blocking($handler, 0). It seems that the initial time for stream_socket_client is not enough and that's why it needs more time in order to process the HTTP request.
PHP Bugtracker
https://bugs.php.net/bug.php?id=64803
WordPress 4.3.1
PHP 5.5
Is it possible to add additinal parameter on wp_remote_get or if there is any other way to achieve setting usleep parameter will help us to precisely configure HTTP requests.
I am adding patch file",bangelov,3
34883,Support TLS Client Certificates,,HTTP API,,normal,normal,Future Release,enhancement,new,needs-unit-tests,2015-12-06T21:04:02Z,2016-10-05T03:41:48Z,"As we get savvier about TLS as part of the HTTPS Everywhere movement, one use-case that would be nice to support is using Client Certificates when making HTTPS requests. Using client certificates for authentication is a strong way to build trusted APIs.
This looks like it would be fairly straightforward to implement as the option is supported by both Curl and PHP stream contexts ({{{CURLOPT_SSLCERT}}} or {{{local_cert}}}, respectively). We'd just need to add the handling for specifying the path to a client cert as part of the $options array in the API calls, and turn that in the proper option for the actual transporter.
I should be able to create a patch for this shortly.",Outlandish Josh,1
18275,Can't get perfect thumbnail sizes with image editor,,Media,3.2.1,normal,normal,Future Release,defect (bug),new,,2011-07-28T02:37:16Z,2016-10-05T02:34:25Z,"In the media settings, I have the thumbnail set to a fixed size (218x145), and set to crop to these exact dimensions.
Sometimes the automatic thumbnail crops off people's heads, etc, so I use the Image Editor to manually adjust the thumbnail. I select a rectangle, set the aspect ratio to 218x145, click crop, apply to thumbnail only, and save.
However, sometimes that results in an image slightly off in dimensions - for example, 215x145.
I expect this is a rounding error. However, it happens even if I select an area much bigger than this when cropping in the Image Editor - eg 300x200. After I click crop and see the 300x200 image, I would expect the thumbnail to be automatically be created at 218x145 like it does normally based on this adjusted image - however, it appears the checkbox for using exact dimensions doesn't apply here. (In fact, if I select, say 300x300, it will make my thumbnail 145x145).
This feels like a bug to me, and makes it very hard to generate thumbnails at the size I want.",smerriman,3
32282,Wordpress image cropping is buggy,,Media,4.2.2,normal,normal,Future Release,defect (bug),new,,2015-05-07T11:10:30Z,2016-10-05T02:34:00Z,"see here
http://wordpress.stackexchange.com/questions/187577/cropping-image-results-in-image-being-too-small?noredirect=1#comment273421_187577
text copied from there:
This is the wordpress version 4.2.2 powell
I crop 1500 x 1000 and then press on crop, then save.
Resulting image size:
1497 x 1000
I don't know, I somehow hoped that wordpress is able to crop correctly.
The original image can be found here:
http://img.youtube.com/vi/zXgyoDAuaH0/maxresdefault.jpg
What I did is downsize to .... x 1000 then try to crop with selection manually entering 1500 x 1000
You can actually see the bug earlier, when you enter 1500 x 1000 and then click on the selection to drag it around (right, drag the selection, not change size) it results in the number 1500 falling down to 1498.",Jossnaz,2
38231,Allow download_url to respect content-disposition header,,HTTP API,4.7,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-10-04T21:39:23Z,2016-10-05T01:36:33Z,"In #34938 it was proposed to use a filter in the `wp_tempnam` function which was rejected in favor of ignore the query string when downloading a file. This, however can still propose a problem when someone is the function to download a tokenized file where the path can be long.
In the case where the headers of the response provide a `content-disposition` header including a file name, it would be ideal to have the `download_url` function respect this file name and move the file name (which by default is the token in the path) to the file name requested.",cklosows,
26056,Database is not upgraded in multisite if loopback is disabled,,Upgrade/Install,3.0,normal,major,Awaiting Review,defect (bug),new,,2013-11-15T21:17:06Z,2016-10-04T19:20:25Z,"If on a server that disables loopback connections (like several shared hosting companies have implemented) when attempting to upgrade a WordPress Multisite the database is never upgraded from the normal upgrade process.
The normal upgrade process fails on the Network Upgrade wp_remote_get call with
{{{
Warning! Problem updating http://domain/subsite. Your server may not be able to connect to sites running on it. Error message: couldn't connect to host
}}}
The intent seems to be that logging in to the site(s) would fix it as the help on the Upgrade Network page (/network/upgrade.php?action=upgrade) says
{{{
If this process fails for any reason, users logging in to their sites will force the same update.
}}}
but although logging in attempts the update, that also fails (but silently) as it also fails on the wp_remote_get.
There's nothing that indicates the database version is out of step with the code and so no prompt. At least manually going to /wp-admin/upgrade.php and all /subsite/wp-admin/upgrade.php does fix it.
To replicate:
1) Get a server where loopback is disabled (or perhaps simulate it using the pre_http_request filter)
2) Install multisite using WP 3.0
3) Create a subsite
4) Upgrade to latest WP version using the link in the admin
5) Check the database version in the wp_options, wp_x_options table - or use this code to add the version into dashboard rightnow
{{{
add_action('rightnow_end','dbversion');
function dbversion(){
$dbv = get_option('db_version');
echo ""DB Version: $dbv"";
}
}}}
6) Log in/out to main site and subsite - database version remains at the old level
7) Manually visit the /subsite/wp-admin/upgrade.php page and upgrade it's database. The subsite db version will now be correct, but the main site will not until /wp-admin/upgrade.php is also visited",creativeinfusion,5
19627,Themes should be able to opt-in to a static front page,,Themes,,normal,normal,Future Release,feature request,assigned,,2011-12-21T01:42:05Z,2016-10-04T17:57:10Z,"A theme should be able to register that they are designed to have a static front page by default. Core should then pick up on this as part of the activation process and allow them to pick or create a page, or ignore it and show posts on the front.
Twenty Twelve will most likely need this (http://wpdevel.wordpress.com/2011/12/20/default-theme-twenty-twelve/).",nacin,51
29872,Permalink Structure Tags buttons,,Permalinks,,normal,normal,Future Release,feature request,new,has-patch,2014-10-06T14:37:34Z,2016-10-04T15:44:53Z,"I think it would be interesting, in the customization of permalinks screen, display a box with all the available structures, where the user could drag and drop them.
With that, he would not need to open a new page, view the documentation and check what are the available structures. He could already build your own structure on the page by dragging and dropping.
I made a mockup:
[[Image(http://i.imgur.com/25U4K5Y.png)]]",Apiweb,13
28616,ftp_fput should have a retry threshold,,Filesystem API,3.9,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2014-06-23T18:27:07Z,2016-10-04T08:39:28Z,"In class-wp-filesystem-ftpext.php in put_contents(), ftp_fput() is called to transfer a file to the FTP server.
The first problem is that warnings are suppressed, so the user never knows that this is the location where something went wrong.
The broader problem is that a single transient network failure between the web server and FTP server causes this call to fail. Well, that would be not a big problem if the user's operation were a single call. However, this function is used by Wordpress auto-upgrade when direct file access fails. For each file in the Wordpress distribution, this function is called to transfer it to the FTP server.
As the default Wordpress distribution gets more and more bloated, the number of calls increases proportionally, and the likelihood of at least one FTP transaction failing increases. A single failure aborts the entire Wordpress upgrade. It seems reasonable to at least retry up to (say) three times the ftp_fput() call before returning an error to the higher level and aborting a large process such as Wordpress upgrade which is using FTP as backing for the filesystem abstraction layer.",runderwo,3
37998,readme.txt and readme.md,,Build/Test Tools,4.7,normal,normal,Future Release,enhancement,new,has-patch,2016-09-08T21:54:06Z,2016-10-04T08:33:48Z,"I checked for ticket but couldn't find one, it would be great to have a readme.md version for the github version of WordPress. There are several pull-requests attempt for it.
https://github.com/WordPress/WordPress/pull/200
https://github.com/WordPress/WordPress/pull/222",bhubbard,4
38223,Add indicators to off-site links in wp-admin,,General,,normal,normal,Awaiting Review,enhancement,new,,2016-10-04T07:31:51Z,2016-10-04T08:28:14Z,"Now that `target=""_blank""` has been removed from links in the help tab on pages, off-site links will take the user away from their current screen.
While a fan of removing `_blank` links, we should set expectations for users, the tabs on one side open new panels, on the other side they take you to Codex articles on .org while still retaining a similar style.
I can see this as being a frustrating point for users who'd use the help tab and suddenly find them selves not only losing data from their forms etc that may not be fully filled in, but also taken to a completely new domain.
Introducing a new screen reader text alerting users to a link taking you to an external source, as well as an icon or similar for non-sr users would be good in regard to UX.
I believe the link icon of a box with an arrow going diagonally out of it has become a well established indicator of external links, we even have a [https://developer.wordpress.org/resource/dashicons/#external dashicon] ready for it",Clorith,1
18525,"zlib.output_compression ""on"" in server conflicts with autoupdate",,Bootstrap/Load,3.2.1,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2011-08-26T20:11:45Z,2016-10-04T05:43:58Z,"If zlib.output_compression is ""on"" in server (my vps server), then auto-update works, but without verbose output or any indication that install has succeeded.
This error is consistent for all auto-updates WordPress Application and all plugins.
It is NOT a plugin conflict. Occurs on different servers.
Testing has confirmed that when zlib.output_compression is returned to ""off"", then updates work as expected.
In my opinion this is a minor bug and probably a note in the readme file will suffice.
Thank You,
Neil Miller
zx@avidre.net",avidre,25
18630,Custom Comment Validation Error,,Comments,3.3,normal,minor,Awaiting Review,feature request,new,has-patch,2011-09-09T19:49:33Z,2016-10-04T01:45:13Z,"One of the things that bugs me about WordPress is not being able to customize the wp_die() function that is called on comment form validation. I have seen some people sugget core hacks, eek. I'm hoping that a hook is added to allow overriding of the default wp_die(). Maybe even a new template file wp_error.php that would be called first.
I haven't found a lot of discussion on this in trac just #11286 and #10551",bandonrandon,7
37868,Avoid default width styles in the markup of the audio player,wonderboymusic,Embeds,4.6,normal,normal,Future Release,enhancement,assigned,has-patch,2016-08-29T18:51:47Z,2016-10-03T22:37:28Z,"The markup for every audio player contains inline styles for setting its width to 100%, like below (simplified):
{{{

}}}
Why not move that style to a stylesheet? It is the default style for ''every'' audio player, so let’s not repeat ourselves each time. Moreover, style attributes in the HTML make it hard to override styles. If you don’t want your audio player to be 100% wide you’re left with two ugly options:
a) Use `!important` declarations in your own stylesheet to override it.
b) Filter out the default width like this:
{{{
add_filter( 'shortcode_atts_audio', 'my_shortcode_atts_audio', 10, 4 );
function my_shortcode_atts_audio( $out, $pairs, $atts, $shortcode ) {
$out['style'] = preg_replace( '~(?:^|\s)width\s*+:\s*+100%;?~i', '', $out['style'] );
return $out;
}
}}}
",GeertDD,5
35430,Should the 'counts' cache group be persistent?,,Cache API,4.4,normal,normal,Future Release,enhancement,new,needs-unit-tests,2016-01-13T02:58:54Z,2016-10-03T22:34:32Z,"I checked that the places storing data in the `'counts'` cache group have proper way to delete the data in cache on updates. For example, `wp_count_posts()` stores the post count, and `_transition_post_status()` deletes the count. So could we change the `'counts'` cache group to be persistent? This can reduce the repeated counting queries to the database.",wjywbs,4
28121,Theme Feature Filter problem with Warnings,jorbin,Themes,,normal,normal,Awaiting Review,enhancement,assigned,has-patch,2014-05-04T19:47:56Z,2016-10-03T22:09:15Z,"There are several Warnings:
{{{
Warning: Illegal offset type in isset or empty in C:\www\wordpress\src\wp-admin\includes\theme.php on line 269
Warning: Illegal offset type in C:\www\wordpress\src\wp-admin\includes\theme.php on line 272
}}}
Using latest xampp, Windows, I am not sure if it is not somehow related to .org API?
Related topic: http://wordpress.org/support/topic/after-installation-of-wperror-occurs-in-appearance-themes-feature-filter (and many others).
",pavelevap,7
37219,Admin menu with admin_url function,,Administration,,normal,normal,Future Release,enhancement,new,has-patch,2016-06-29T06:13:05Z,2016-10-03T22:02:05Z,I think that options in menu should have admin_url function. For example I want add custom param (?lang=de). I can use admin_url filter but this not work in menu items,sebastian.pisula,6
10483,Change post_name's length from 200 to 400,SergeyBiryukov,Permalinks,,normal,minor,Future Release,enhancement,reviewing,dev-feedback,2009-07-25T06:31:52Z,2016-10-03T21:15:42Z,"Hello, guys! Thank you very much for providing such a great piece of software! I love WordPress very much! :)
I use WordPress in Russian language and the URLs on my [http://www.ielnur.com blog] consist of Russian characters. There is a [http://www.ielnur.com/blog/2009/05/снова-бросить-курить-30-тидневное-испытание/ post] with not such a long URL in Russian, but since it gets encoded to special characters it becomes too long to get fit into `post_name` field of `post` table.
I've found what code needs to be changed to increase the length. I make these changes every time a new version is released. I think it would be better to submit a patch here so that others people can benefit from it and I will not need to make those changes every release.
I'm attaching the patch to this ticket and asking you to apply it to the code.
Thank you very much again, guys! You do a great job! :)
Cheers,
Elnur",elnur,35
38077,Facilitating embedding customizer controls outside of sections,westonruter*,Customize,,normal,normal,Future Release,enhancement,accepted,,2016-09-16T20:14:50Z,2016-10-03T21:05:26Z,"Controls are currently assumed to be always contained within sections in the customizer. This makes it difficult to reuse the controls in other contexts, such as embedding multiple controls inside another control or embedding a control outside the context of the customizer entirely.
Some of the hacks required to get controls to appear outside of the customizer can be seen in https://github.com/xwp/standalone-customizer-controls
The Media control in particular needs to be updated to remove the logic resize the player controls when the section is expanded. The `embed` method (used by widgets) also needs to not wait generally for a contained section to expand.
Key dependency for #29071 (Make it easier to include an instance of the Customizer outside of customize.php)
Depends on or is closely related to #37964 (Allow customizer controls to be encapsulated by accepting pre-instantiated settings)",westonruter,4
29838,"Post editing area: keyboard accessibility, tab order and focus",,Editor,4.0,normal,normal,Future Release,defect (bug),new,,2014-10-02T16:27:31Z,2016-10-03T17:31:35Z,"This ticket aims to focus on a specific area of the UI, let's call it ""Post editing area"", the one that starts with the ""Title"" field and ends with the editor area, both in ""Visual"" and ""Text"" mode.
Related: #27553 while researching we noticed:
> '''joedolson''': outstanding issues surrounding tab order, but this are long-standing and not relevant to this specific patch and issue; that needs to be raised separately.
There's room for accessibility improvements here, especially when it comes to tab order and focus management. To fully understand what's going on you should stop for a while being a ""nervous clicker"" :) and:
- apply the patch from #27553
- unplug your mouse and disable your trackpad :)
- use just your keyboard
- tab around, both forwards and backwards
It would be great to test also switching off your display and using a screen reader, I would recommend Firefox and NVDA.
Two main issues:
Focus.
When you're in the ""Title"" field and then you tab forwards, focus is moved directly inside the editor area skipping all what's in between.
While this *may* be useful for sighted keyboard users (they save a few key presses, say 1 second?), it's a very critical experience for screen reader users: when they tab forwards, they get that right after the title there's the editor. But when they tab backwards, they get many more elements that ""weren't there before"". [https://core.trac.wordpress.org/ticket/27553#comment:17 more details on 27553 comments].
Tab order.
The ""tabbing experience"" in Visual and Text mode should match as much as possible. Ideally, there should be a better [http://www.w3.org/WAI/GL/2014/WD-WCAG20-TECHS-20140902/G59 logical sequence in the markup]. When editing the title, the next logical step is editing the content, all the other controls (Add Media button, additional buttons provided by plugins and themes, etc.) should not be placed between the Title and the editor. The CEUX project proposed something similar at some point.
There is ongoing research and development on the editing experience, see for example Editor Focus/DFW in #29806 and the idea to review relevant parts of the UI, see [https://make.wordpress.org/core/2014/10/01/agenda-for-october-1st-dev-chat/#comment-19392 explore moving the Publish | Save | Preview buttons out of the metabox, etc.] so it would be a great opportunity to explore this ticket too.",afercia,21
38221,Incorrect page id/name search blocks future searches,,Media,4.4.2,normal,normal,Awaiting Review,defect (bug),new,,2016-10-03T16:29:02Z,2016-10-03T16:29:02Z,"After an incorrect page id or name search in the media library, ex ''upload.php?p=123'' or ''upload.php?name=noexist'', future searches get blocked in js.
Steps to reproduce:
1. go to ''upload.php?p=123'' (or use another id which doesn't exist)
2. should see 'No media files found.'
3. submit a search in the search box (nothing will happen)
Submitting the form is blocked by wp-admin/js/media.js:90, preventing the submit for (an unrelated?) search #find-posts.",bencroskery,
38220,Can't edit a pic and applying changes to Thumbnail only isn't working,,Media,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-10-03T14:57:15Z,2016-10-03T14:57:15Z,"Add a pic to the media library.
Select a post and assign the image as the feature image
Edit the image and select 'apply changes to thumbnail only'
Crop and save the image.
Refresh the post.
View the slider and thumbnail on the homepage and the thumbnail changes don't look like they have been applied.
In most cases the images being used need to be cropped otherwise they will be cutoff while displayed as a thumbnail, so editing the image and only applying the edits to the Thumbnail is the best option but for some reason it doesn't appear that the edits being made are applied to the Thumbnail when viewing the thumbnail on the homepage.",jnickelberry,
11235,"Pages whose ancestors are not all ""published"" cannot be used as parents for other pages.",,"Posts, Post Types",2.9,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2009-11-23T01:04:01Z,2016-10-03T12:39:36Z,Pages with trashed parents cannot be used as parents for other pages (they do not appear on the list).,caesarsgrunt,9
38171,A site within a network has no more users when those users are deleted from the network,,Networks and Sites,3.0,normal,normal,Awaiting Review,feature request,new,dev-feedback,2016-09-27T14:08:40Z,2016-10-03T12:26:05Z,"In a multisite installation, if a site has only one user and you delete this user, the site has no more users.
That seams logical, but this is not what super admin expects when he deletes a user from the network. When deleting a user, the following question appears :
What should be done with content owned by XXX ?
But even if he chooses ""Attribute all content to:"" option, the site in question is left without any user. I don't think this is impacting the site functions, but perhaps we should add a note ?
We have several options :
* if a user is selected to attribute the content to, it should also be added as a site user
* OR, display a warning somewhere that a site will be left without any user before deleting the user
* OR, do nothing and be responsible of some heart attacks when a super admin discovers that a site has no more active user.
",Fab1en,7
35065,Tests for docblock quality,,Build/Test Tools,,normal,normal,Awaiting Review,enhancement,new,has-patch,2015-12-14T01:15:09Z,2016-10-03T10:29:51Z,"Attached is a patch which implements various tests for docblocks in PHP files. The patch is experimental and is intended only to determine whether unit tests for docblocks are a good idea or not.
Currently tested for each function/method:
* Existence of docblock.
* Non-emptiness of docblock.
* Correct number of `@param` tags.
Currently tested for each parameter of a function/method:
* Non-emptiness of description.
* Name matches actual parameter name.
* Various type hint validations (not so appropriate for core).
* Existence or not of ""Optional"" string.
* Existence or not of ""Default"" string.
Currently this only tests functions/classes which are loaded in the current scope. [https://github.com/phpDocumentor/Reflection phpDocumentor's static reflection library] allows static analysis of files instead of using PHP's built-in Reflection API, which would allow for all functions and classes to be tested.
cc @DrewAPicture",johnbillion,12
36973,Update FTP credentials form design,,Upgrade/Install,,normal,normal,Future Release,defect (bug),new,,2016-05-30T09:27:42Z,2016-10-03T08:44:13Z,"As reported by @melchoyce in https://github.com/obenland/shiny-updates/issues/100, the filesystem credentials dialog needs some love to improve accessibility and the overall design.
Here's how it could look like: https://cloudup.com/cnvj5NqMefR
Her notes:
1. Update modal style to bring more in-line with other wp-admin modals — like including an ""x"" for closing (even though there's also a cancel button)
2. Make ""Proceed"" primary
3. Also consider changing ""proceed"" to something more descriptive — maybe connect? Proceed might be okay, it's just such a weird-sounding word. Maybe switch the ""proceed"" in both the description and the button to ""continue.""
4. ""This password will not be..."" could stand to be decreased in size just a little and made a lighter grey, to match descriptions on the settings pages. At the very least, the line-height should decrease.
5. ""Authentication Keys"" is at the same level of hierarchy as the field labels. It should probably be bigger, since it's a header above the labels.
6. Additionally: the modal is really tall for mockup purposes, but would ideally be whatever height we normally max modals out at. Any content not visible because of height would be scrollable in the modal, like we do in others.
See also: #34376",swissspidy,1
38213,Coding standards - html5 friendly?,,General,4.7,normal,normal,Awaiting Review,feature request,new,,2016-10-03T03:47:33Z,2016-10-03T03:47:33Z,"Should it be the time where coding standards meet html5 or at least get mentioned?
In [https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/ html coding standards] there's a few things that should be improved.
- [https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/#self-closing-elements self closing] elements are not necessary anymore [https://www.w3.org/TR/html5/syntax.html#void-elements link]
- [https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/#quotes attributes] don't have to have a value [https://www.w3.org/TR/html5/syntax.html#attributes-0 link]
",rklis,
37075,get_terms() argument documentation should point to WP_Term_Query::__construct(),sjmur,Taxonomy,,normal,normal,Awaiting Review,enhancement,assigned,,2016-06-11T03:43:16Z,2016-10-02T21:41:16Z,"After [37572], it doesn't make sense to keep complete documentation of arguments on `get_terms()`. We should (a) verify that all of the relevant argument documentation has been moved to `WP_Term_Query::__construct()`, and then (b) replace the `$args` documentation on `get_terms()` with a pointer to `WP_Term_Query`. See `get_comments()` and `get_users()` for examples.",boonebgorges,3
37595,Better titles for the Quick Draft dashboard widget,,Administration,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-08-08T10:48:51Z,2016-10-02T21:33:26Z,"The ""Quick Draft"" dashboard widget shows the recent drafts below the form, with a title that says ""Drafts"":
[[Image(https://cldup.com/bJfUsOstKl.png)]]
And when JS is off, the widget hides the form and shows just the recent drafts with a ""Drafts"" title:
[[Image(https://cldup.com/sc-qAQwCXT.png)]]
By the way, these are just the drafts created by the current user, so if there are drafts from other users, the widget will display just your ones. It's a minor thing for sure, but it's not clear at first sight because the two titles can be a bit misleading. Users may think it's a list of ''all'' the drafts (from all users), while it is not.
At the very least, I'd suggest to consider to change the two titles to make them a bit more clear. Maybe using something like ""Your Recent Drafts"" instead of just ""Drafts"".
Maybe also worth considering if limiting this list to the current user's drafts makes sense or if it should list all the drafts or maybe both types in two separated lists. Personally, I'd be in favor of keeping it simple.
Worth noting when there are more than 3 drafts from the current user, a ""View all"" link will appear:
[[Image(https://cldup.com/9GdGj9hLsI.png)]]
and this link points to the list of drafts from ''all'' users which is OK I guess, maybe just needs to be clarified.
Feedback from the UI team more than welcome :)",afercia,4
36661,Improve `wp_get_attachment_image()` and `wp_get_attachment_image_attributes` docs.,,Media,4.4,normal,minor,Awaiting Review,enhancement,new,,2016-04-25T15:48:55Z,2016-10-02T21:32:38Z,"Hey there,
While looking for a solution for another ticket I've seen that there's not much documentation for `wp_get_attachment_image()`, specifically for the string|array of the `$atts` parameter. I know, that you can get through the code and see that some of them are automatically generated (src, class, alt, srcset, sizes) and that you override them and at the same time you can define an unlimited amount of `$atts`, but perhaps there's other people trying to use the function and they do not know that. We might end up seeing ugly implementations of people trying to add data attributes to images, etc. This function is not documented in the codex, only in the Code Reference site.
I think the most important part to explain is the `scrset` attribute as many people usually tries to use this type of function to deliver different images depending on the device in which the site is seen (Also, this is kind of covered by core in some ways now, but it is poorly documented). Or that you can add classes for retina support.
The same is happening with the `wp_get_attachment_image_attributes` filter within that function. It is not listing the list of attributes that you get by default.
I consider it is worth it to modify the phpdoc (at least) in the hook description, but I'm not sure if the phpdoc should be modified for the function. That's why I wanted to have some feedback before sending a patch.
What do you think? Shall we add docs within the code or we should we leave notes on the code reference site?",juanfra,3
37752,"Detail docs for embed_html, embed_content and embed_content_meta",,Embeds,4.4,normal,normal,Awaiting Review,enhancement,new,needs-docs,2016-08-20T17:39:07Z,2016-10-02T21:30:49Z,"I was trying to find the right action to customize the output of embed post and I found hard to understand which action I should use and how to use it in my plugin between.
I first found that doc:
https://developer.wordpress.org/reference/hooks/embed_html/
'''Possible improvement'''
1. Give details about what this filter actually filters (only the tag)
2. Add links to the others related actions:
https://developer.wordpress.org/reference/hooks/embed_content
https://developer.wordpress.org/reference/hooks/embed_content_meta/
3. Add example of how to use each one of these filters
Feel free to ask me further details if needed.
Thanks!
Matt",matthieuscarset,1
37222,Add better add_shortcode documentation,,Shortcodes,2.5,normal,normal,Awaiting Review,enhancement,new,needs-docs,2016-06-29T09:26:42Z,2016-10-02T21:26:22Z,"When looking at the [https://developer.wordpress.org/reference/functions/add_shortcode/ add_shortcode()] documentation is it is not clear what `$parameters` the the function `$func` has.
Only by looking at [https://developer.wordpress.org/reference/functions/do_shortcode_tag/ do_shortcode_tag()] can you see that there are three parameters `$args`, `$inline_content` and `$shortcode_tag`
",grapplerulrich,3
35968,wp_reschedule_event timestamp overridden when set in the future,,Cron API,4.4.2,normal,normal,Awaiting Review,defect (bug),new,,2016-02-26T20:32:17Z,2016-10-02T21:20:03Z,"I'm doing some work with WP cron and I noticed two issues in the '''wp_reschedule_event()''' code (wp-includes/cron.php).
The first problematic logic is the following:
{{{#!php
= $now ) {
$timestamp = $now + $interval;
} else {
$timestamp = $now + ( $interval - ( ( $now - $timestamp ) % $interval ) );
}
}}}
Based on the function documentation, '''$timestamp''' is the ''Timestamp for when to run the event.''
Let's say that I want to set the first run of the rescheduled event in one hour from now. This if statement overrides the $timestamp based on the interval, practically ignoring my initial $timestamp. If the logic is correct, then something in the documentation should be changed because it's not clear at all.
Btw. I searched trac and found this:
https://core.trac.wordpress.org/changeset/10969
The second issue I see is the last line in that same function:
{{{#!php
theme_location == 'primary' ) {
// add the desired attributes:
$atts['class'] = 'menu-link-class';
}
return $atts;
}
add_filter( 'nav_menu_link_attributes', 'add_specific_menu_location_atts', 10, 3 );
}}}
Notice the `$args->theme_location` instead of `$args['theme_location']`.
That inconsistency would not bother me if I was not providing a fallback function for `wp_nav_menu`. In the fallback function, I call `walk_page_tree`, which in turn calls the `nav_menu_link_attributes` filter, but with `$args` set as an array.
{{{
wp_nav_menu( array(
'theme_location' => 'main',
'fallback_cb' => 'my_default_menu'
) );
function my_default_menu( $args = array() ) {
// get all published posts
$list_args = $args;
$list_args['echo'] = false;
$list_args['walker'] = new Walker_Nav_Menu;
$posts = get_posts( array( 'nopaging' => true ) );
// generate menu HTML
$menu = walk_page_tree( $posts, 0, 0, $list_args );
if ( $args['echo'] ) echo $menu;
else return $menu;
}
}}}
I cannot trace down where the array to object conversion is done.
",Fab1en,3
38147,Add sprintf.js library to WordPress,,External Libraries,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-09-23T15:50:22Z,2016-10-02T11:54:11Z,"Working on #20491 revealed a need for a `sprintf()` function in JavaScript.
Although ES6 supports some basic string formatting, it's not something core could use in its various JS files. Thus, I suggest adding the very popular [https://github.com/alexei/sprintf.js sprintf.js] library to WordPress.
The minified script is only 3.7 KB in size, the source file is 9.4 KB large. Adding it to core with the `sprintf` handle would not only benefit core but also various plugins and themes in need of such a functionality, especially with translations.",swissspidy,4
17146,Don't limit screen meta tab CSS to content within #screen-meta,koopersmith,Help/About,3.1,normal,normal,Future Release,enhancement,new,has-patch,2011-04-15T20:36:40Z,2016-10-02T11:22:04Z,"Currently, the styles for screen meta tabs are limited to items within #screen-meta. I think we should use the .screen-meta-toggle class instead, so these styles can be used elsewhere in the admin without duplicating the CSS.
I ran into this problem when working on the fullscreen plugin and adding a help tab, but not inside #screen-meta.",koopersmith,2
38210,WPMS sites list table doesn't display the blog name by default,,Administration,,normal,normal,Awaiting Review,enhancement,new,,2016-10-02T10:39:07Z,2016-10-02T11:20:37Z,"I really don't understand why in WPMS sites list table (wp-admin/network/sites.php) page, the blog name is not displayed by default (only in 'excerpt' mode), instead, the URL of the blog is displayed.
It's really difficult to identify the current blog only with only the URL.
Why don't we display the blog name by default in a new column, next to the URL one ?",Mista-Flo,2
38209,Add active theme column to list table on wp-admin/network/sites.php,,Administration,,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-10-02T10:11:15Z,2016-10-02T11:14:15Z,"It will be far easier to know the current active theme of each blog in the ""My sites"" network admin page. It's a valuable information to display for network administrators I guess.
What do you think ?",Mista-Flo,2
27747,Inconsistent type default between `submit_button()` and `get_submit_button()`,,Administration,3.5,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2014-04-10T08:03:52Z,2016-10-01T22:39:00Z,"One defaults to `$type = 'primary'` while the other defaults to `$type = 'primary large'`.
Shouldn't that last one be `$type = 'primary'` too?",Denis-de-Bernardy,3
33573,Use the site icon introduced in 4.3 for the My Sites page,,Administration,4.3,low,normal,Awaiting Review,enhancement,new,has-patch,2015-08-27T17:27:32Z,2016-10-01T14:37:16Z,"Now that site icons are available in core, we should be able to use them on the network sites/my sites list.",morganestes,6
38203,"Remove `absint` on object IDs in `delete_metadata`, etc",,"Options, Meta APIs",,normal,normal,Awaiting Review,defect (bug),new,,2016-10-01T06:40:14Z,2016-10-01T06:40:14Z,"Absint is run on the object ID in the functions called with a meta key: `delete_metadata()`, `get_metadata()`, `add_metadata()`, `update_metadata()` and `metadata_exists()`.
This leads to unexpected behavior in the event a negative or floating object ID is passed.
Related #37746, #37738, #33372.",peterwilsoncc,
38192,Linking directly into Edit Image mode breaks cropping; imageEdit.init not triggered.,,Media,4.6.1,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-09-29T20:49:29Z,2016-09-30T23:18:00Z,"I've noticed for a while that when jumping directly into Edit Image mode on an attachment (namely when clicking the ""Edit Image"" link for an attachment inside the Media Manager), trying to crop the image doesn't work.
To reproduce, simply visit the edit link for any attachment with ""&image-editor"" tacked onto the URL. (e.g. /wp-admin/post.php?post=123&action=edit&image-editor)
When you drag to create the crop box, the Selection values keep saying NaN, and so trying to confirm your selection won't do anything, not even give you a visible error.
Currently, the only solution when when this occurs is to click cancel, then the Edit Image button on the screen there, where it properly initializes.
After some debugging in wp-admin/js/image-edit.js, I found the cause was that imageEdit.hold.sizer was undefined, which is set by imageEdit.init(). This method is called when the Edit Image button is clicked manually, but it never get's called on page load when it's triggered automatically.
Not entirely sure where the call should go, but that should be the only adjustment needed to make it work.",dougwollison,2
36184,Eternal loop under certain conditions,,Filesystem API,4.4.2,normal,normal,Awaiting Review,defect (bug),new,has-patch,2016-03-09T16:42:13Z,2016-09-30T20:28:15Z,"I've run into this quite a few times now, and often it puts a massive strain on the server and very rapidly fills the error log if logging is enabled.
An very tight eternal loop in wp_mkdir_p() - wp-includes/functions.php line 1556 to 1613 - can be triggered if a path in the database is wrong.
5 lines from line 1583 read:
{{{#!php
// We need to find the permissions of the parent folder that exists and inherit that.
$target_parent = dirname( $target );
while ( '.' != $target_parent && ! is_dir( $target_parent ) ) {
$target_parent = dirname( $target_parent );
}
}}}
I move wordpress installs around between servers and / or folders quite often, and sometimes an old (and now invalid) upload_path in the DB will cause this to loop forever. Obviously the mistake is mine for not correcting the path up front, but an eternal loop that may write to the error-log on each iteration (if open_basedir is active, possibly under other circumstances too) is not a very graceful way to fail... on a shared host (where you may not have the control I do) it could be pretty catastrophic.
I'm not sure if other conditions are needed to trigger it, but I've only ever seen it when the upload path is wrong... seeing as it won't be triggered unless the path is wrong an easy solution would be to just check if '/' has been reached and throw an error pointing towards the solution...",Mikk3lRo,2
35214,Custom Comment Types,aaroncampbell*,Comments,,normal,normal,Future Release,task (blessed),accepted,,2015-12-24T00:28:11Z,2016-09-30T20:25:40Z,"It's time to take another look at Custom Comment Types. We have a nice stable example in post types, but there's a '''lot''' to do here, so we'll use this as a centralized tracking ticket for everything. As such, I'm sure the description here will be fluid for a while as we figure out how much there is to do.
Here's a rough list of things that need to be looked at and addressed:
* UI/UX - In order for custom comment types to be really useful, we need to put some serious thought into the UI/UX surrounding comments in the admin.
* The `comment_type` field needs to start using `'comment'` instead of `''` for comments. This will mean an upgrade routine as well as some back-compat work.
* We need to decide what to do about non-default comment types in various admin areas (comments table, recent comments, etc). The thing that makes most sense is for `WP_Comment_Query` to be adjusted to only show default comment types (comments, pingbacks, and trackbacks) by default. Additional comment types would then be handled by whatever plugin or theme adds them. Unfortunately, this is a breaking change (comment:58:ticket:12668) because right now those areas show all comment types. Maybe we can create new management areas to be able to pull these out of the default one? Lets put our heads together.
* A lot of existing functions, like `comment_type()`, will need to be fixed to make room for newly registered comment types and their registered strings.
Previous tickets for history:
#25674
#12668
",aaroncampbell,14
38186,Database Collations Bypassed by determine_charset() in wp-db.php,,Charset,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-09-29T14:26:56Z,2016-09-30T19:53:11Z,"The function 'determine_charset' in wp-db.php, since 4.6.0 will try to set the database collation to the best option available, 'utf8mb4_unicode_520_ci'. This makes sense when the collation is not explicitly defined in wp-config.php, and most likely beneficial to novice developers.
However, this assumptive behavior occurs even when the DB collation ''is'' explicitly defined in wp-config, effectively ignoring 'utf8_general_ci', 'utf8mb4_unicode_ci', and collations starting with 'utf8_' in certain environments.
There appears to be no way to force these collations when defined by the developer. If the developer has set the collation in the config file, shouldn't the software obey the word of the developer?
In short, ''a valid database collation set in wp-config should not be bypassed by WP Core.'' There is no workaround that vindicates the logic in determine_charset().
A possible solution would involve determine_charset() checking for a config setting such as 'FORCE_DB_COLLATE'. If true, use the collation defined in wp-config without assuming otherwise.
",natecf,1
37960,Support for selecting radio buttons in media views,joemcgill,Media,,normal,normal,Awaiting Review,enhancement,reviewing,reporter-feedback,2016-09-06T19:16:07Z,2016-09-30T19:15:30Z,"While adding custom settings, using a set of radio buttons, to the Edit Gallery modal, I found that none of them were ever selected when the modal was opened, even though the other form fields were. Digging into the source I found there was no path for handling them.
This patch adds support for pre-selecting the appropriate radio button when a media-view is shown. Currently the function that does so only supports: selects, button-groups, text fields, and checkboxes.
",Enchiridion,2
30439,Twenty Fourteen: Social Menu,,Bundled Theme,4.0.1,normal,normal,Future Release,feature request,new,has-patch,2014-11-21T11:09:51Z,2016-09-30T19:07:35Z,"I would like to see native support for Social Menus in Twenty Fourteen (it's my mainstay theme for now).
I understood from the WordPress.org forums that it is built-in for the Twenty Fifteen theme. It would be great to see that in Twenty Fourteen in a future update
Thank you",wilflare,14
38180,/blog/ URL handled as /category/blog/ also page to post type convert,,Rewrite Rules,,normal,normal,Awaiting Review,defect (bug),new,,2016-09-28T14:54:42Z,2016-09-30T18:19:46Z,"I have a url:
http://mysite.com/blog/
This URL however does not show the page with that slug, but rather shows the contents of
http://mysite.com/category/blog/
Changing the slug to /blog-en/ fixed it and the page is displayed.",internationils,2
30505,Backbone subviews cannot be attached directly to DOM elements,,Administration,,normal,normal,Awaiting Review,defect (bug),new,,2014-11-26T06:22:26Z,2016-09-30T17:30:31Z,"Right now, you need selectors to attach subviews. Even if you have a direct reference to an element in the DOM, it's not possible to attach to this directly.
This is an issue when you're working with an existing DOM structure to attach views, and the elements don't have unique identifiers for a selector.
Backbone itself is happy to let you do this in a lot of places; this is why you can pass in `el` when constructing a view, for example. However, `wp.Backbone.Views` uses `! _.isString` to overload some of the function parameters, which means you can never pass it through.",rmccue,8
31664,Multisite network setup for .htaccess,,Networks and Sites,4.1.1,normal,normal,Awaiting Review,defect (bug),new,,2015-03-17T09:06:42Z,2016-09-30T16:59:17Z,"Hi there,
Sorry if this is not the correct place to post it. But I donot know where then.....
I have 2 multisite installations that were not working.
Dashboard for the Primary site was working. Trying to go to the dashboard for the other sites gave an error code or a loop message. And the other sites where not shown under ""My sites"" (hover function). I was able to have a look at the child site but it had no theme it was just a ""sitemap"" list.
What did I wrong? I thougt....
Here what I did:
================ 1st installation (localhost using XAMPP)
- install wp 4.1.1
- change config.php to multisite
- Copy andPaste ""Network setup"" from Dashboard. Here is the ""problem"", the .htaccess here shows:
{{{
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) D:/Programs/xampp/htdocs/H4Net/$2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ D:/Programs/xampp/htdocs/H4Net/$2 [L]
}}}
After a long researching, I have found an advice from a long time ago and applied. The advise where to change these 2 lines to:
{{{
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) /H4Net/$2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ /H4Net/$2 [L]
}}}
After this change it works.
================ 2nd installation web based hosting
- install wp 4.1.1
- change config.php to multisite
- Copy andPaste ""Network setup"" from Dashboard. Here is ""again"" the ""problem"", the .htaccess here shows:
{{{
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) sites/MYURL/$2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ sites/MYURL/$2 [L]
}}}
The solution I found is to change it to:
{{{
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
}}}
================================================
My request is:
Althought I have seen it was already asked some time ago, Network setup still doesnot come up with the correct .htaccess information.
When installing I do follow instructions given. This was the issue.....
I am not a technical person, far from that. I am good in copy and paste :-)
I have seen / read a lot of people are the same as I am, or have the same issue as I had.
So if you could please change it in the next update it would help a lot!
BTW Thanks a lot for making wordpress available!!!!!
Cheers,
Helena
PS: sure I can give screenshots of more info if needed.
",wph4,4
30581,http/https pages have different canonical URLs,,Canonical,2.9,normal,normal,Future Release,defect (bug),new,needs-refresh,2014-12-02T22:40:18Z,2016-09-30T16:09:13Z,"If you have SSL turned on, but don't force redirect, http and https pages will have different URLs. Ideally, I think the canonical URL should always use http unless `FORCE_SSL` is turned on.
Even a filter for `rel_canonical` would be better than what we have now. Unhooking and creating your own version of `rel_canonical()` works, but if multiple plugins do this, you end up with multiple canonical URLs set on every page.
Related: #18660, #14458",betzster,6
21989,update_option() calls sanitize_option() twice when option does not exist,,"Options, Meta APIs",,normal,normal,Future Release,defect (bug),new,dev-feedback,2012-09-25T05:04:34Z,2016-09-30T16:02:16Z,"
I just spent several hours tracking down an issue when using the Settings API where `sanitize_option()` is called twice which is unnecessary execution especially if sanitization includes calling an external API for username/password authorization ''(this was how another developer set it up for a plugin I was debugging.)''
What happens is that a call to `update_option()` will call `sanitize_option()` and then if the option wasn't previously in the options table `update_option()` will delegate to `add_option()` which calls `santize_option()` a second time. This would normally be easy to workaround by first calling `get_option()` and testing for `false` and calling `add_option()` instead of `update_option()` if `false`, but not when the Settings API chooses how to call it.
I've looked at the problem and can envision several different ways to solve it such but don't know which the core developers would choose ''(or if they'd choose yet another option I haven't envisioned)'' so I didn't submit a patch:
- Adding a 3rd parameter `$mode` to `sanitize_option()` that identifies the mode ''('add', 'edit', default = 'unknown')'' and thus allow the hook to ignore one of the options ''(this would be more backward compatible but would put the onus on the developer to know to do this)'',
- Adding a 5th parameter `$bypass_sanitize` to `add_option()` defaulted to `false` that is only passed as `true` in `update_option()` allowing `update_option()` to disable the call to `sanitize_option()` found in `add_option()` ''(this would be less backward compatible and hacky, but seemless to the developer)''
- Adding a 3rd parameter `$bypass_sanitize` to `update_option()` defaulted to `false` that is only passed as `true` from `/wp-admin/options.php` allowing `update_option()` to bypass the call to `sanitize_option()` if an `add_option()` will happen ''(this would be less backward compatible and hacky, but seemless to the developer)''
- Have `/wp-admin/options.php` test for no pre-existing option and then call `add_option()` or `update_option()`, respectively ''(this would be seemless to the developer but less backward compatible and not hacky, and it wouldn't handle the general case.)''
So is this worth fixing to save other users and developers debugging time, and to reduce the chance of subtle errors in new code? If yes, how best to approach?",MikeSchinkel,12
28112,bulk_edit_posts() function needs an action hook,,Quick/Bulk Edit,3.9,normal,normal,Awaiting Review,enhancement,new,needs-docs,2014-05-03T18:42:07Z,2016-09-30T10:41:03Z,"Currently, the only method that I can find to save additional data in via bulk edit requires using an `.ajax()` call.
This could be avoided if `bulk_edit_posts()` had a simple action hook at the end before it returns it's results.
{{{
do_action( 'bulk_edit_posts', $post_data );
return array( 'updated' => $updated, 'skipped' => $skipped, 'locked' => $locked );
}}}
",helgatheviking,4
33727,jQuery UI Datepicker has no core styling,,Administration,,low,normal,Awaiting Review,enhancement,new,,2015-09-04T14:08:46Z,2016-09-30T10:00:25Z,"It's possible for plugins to enqueue the jQuery UI Datepicker widget, but doing so does not include any styling, and there is no recommended styling with it to match the color schemes in WordPress's administration area.
This is good in that developers can roll their own to match their needs, but it's bad in that there is no canonical recommended experience for end-users of those plugins.
Right now, the only real viable option is using the kinda-outdated jQuery UI styling generator as a starting off point, and working backwards from there. Even though WordPress core doesn't currently use the jQuery UI Datepicker internally, it might go a long way towards improving date & time experiences (I'm looking at you, post publish time.)",johnjamesjacoby,3
34881,Invalid HTML around the input field for searching themes,adamsilverstein,Themes,4.3,normal,normal,Future Release,enhancement,assigned,has-patch,2015-12-06T20:55:01Z,2016-09-30T08:05:33Z,"There seems to be an invalid HTML structure in the Themes (wp-admin/themes.php) and Add Themes (wp-admin/theme-install.php) pages in the admin screen. There is an input field for searching themes, but it's not in any ancestor `` element.
I'm not sure, but it might cause troubles in some environments such as screen readers. So I propose adding `` element somewhere appropriate to make it valid HTML.
I found this issue at WordCamp US Contributor Day (Accessibility Team).",takayukister,9
37916,Customize: ability to disable content creation in menus,,Customize,4.7,normal,normal,Future Release,enhancement,new,,2016-09-01T20:55:33Z,2016-09-30T05:31:18Z,"There should be a hook to disable the ability to create new posts (and eventually terms, see #37915) in nav menus in the customizer. Ideally, it should be able to be disabled for specific post types as well as all post types. For terms, we'll need to turn it off for the `post_format` taxonomy.
This is being split out from the initial merge in #34923, where there are patches with an approach we could take here.",celloexpressions,8
36281,Importer Fails to import menu items in PHP7,boonebgorges,Import,4.0,normal,normal,WordPress.org,defect (bug),assigned,,2016-03-21T03:09:04Z,2016-09-30T04:10:40Z,"The WordPress Importer plugin fails to import menu items at all with PHP 7 (any WP version). It's a pretty quick fix, though.
I noticed this as part of writing a fix for the importer on wp-cli:
https://github.com/wp-cli/wp-cli/pull/2545#issuecomment-199026539
But it was noticed by others, a couple months ago, and a fix provided:
https://wordpress.org/support/topic/importer-fails-to-import-menu-items-in-php7?replies=6
Since PHP7 has now been officially released for a few months, we're going to see more and more PHP7 installs pop up.
To sum it up:
wordpress-importer.php on line 798
Change:
{{{
$$meta['key'] = $meta['value'];
}}}
To:
{{{
${$meta['key']} = $meta['value'];
}}}",mightyturtle,5
38045,"""unable to completely remove plugin"" after upgrade WP 4.6",,Upgrade/Install,4.6,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-09-13T22:31:01Z,2016-09-30T04:08:03Z,"We have a multisite sporting primarily Genesis on WP Engine with SSL.
All updating was working prior to the 4.6 upgrade, at which point plugin removal attempts resulted in:
""Unable to completely remove plugin"" error messages.
When the WP version was walked back, we were able to update again. ",wiredpinecone,1
38169,"Remove the ""edit"" link from each plugin row on the Plugins screen",,Plugins,,normal,normal,Awaiting Review,enhancement,new,,2016-09-27T11:25:38Z,2016-09-30T02:08:45Z,"Some very unscientific user testing last week led me to notice an inexperienced user who clicked the `Edit` link next to a plugin when they were looking for its settings panel. They subsequently spent around a minute on this screen before deciding that they weren't in the right place.
Should the `Edit` link in each plugin row be removed? It will reduce clutter on the Plugins screen, and the plugin and theme editors are still available from their respective `Editor` menus.
One disadvantage is the lack of visibility of the plugin editor which is a potential springboard for getting users into development (one of the arguments against removing the editors completely).
Note that the Themes screen no longer shows an `Edit` link anywhere since 3.8.",johnbillion,5
37600,iOS: Readonly attachment URL is not selectable,,Media,3.5,normal,normal,Future Release,defect (bug),new,,2016-08-08T13:09:45Z,2016-09-29T22:30:33Z,"I tried to copy the URL for a image in the media section. The URL field is a ""readonly"" text input field.
On iOS (maybe other mobile OS too?) I just can select the viewable text and nothing more, so I can't copy the whole URL.",zodiac1978,10
37855,Clean WordPress Head - Group together related tags,,Bootstrap/Load,,normal,minor,Awaiting Review,defect (bug),new,has-patch,2016-08-28T08:48:38Z,2016-09-29T21:15:50Z,"This is a request from the Israeli WordPress Community. I'm trying to make some of them get involved in WordPress core development.
Two WordPress users from the SEO industry, asked me to make the WordPress `` cleaner. To update the site's source and group together the `` and `` tags.
'''Not the scripts and stylesheets! ''' Other tags like: [https://developer.wordpress.org/reference/functions/rsd_link/ RSD], [https://developer.wordpress.org/reference/functions/wlwmanifest_link/ WLW], [https://developer.wordpress.org/reference/functions/wp_no_robots/ noindex], [https://developer.wordpress.org/reference/functions/rel_canonical/ canonical], [https://developer.wordpress.org/reference/functions/wp_shortlink_wp_head/ shortlink], [https://developer.wordpress.org/reference/functions/wp_site_icon/ icon] and few others. All those functions echo some kind of `` tag. Changing those tags position in the head has no effect on the site itself.",ramiy,4
35379,update_network_option changes stored option value if sanitize_option detects error,jeremyfelt,"Options, Meta APIs",3.0,normal,normal,Future Release,defect (bug),assigned,has-patch,2016-01-08T23:48:50Z,2016-09-29T20:27:43Z,"If you make a call like
{{{
update_network_option( null, ""admin_email"", ""this.is.not.an.email.address"" );
}}}
then the value of the `admin_email` ''network'' option will be changed to the value of the `admin_email` ''site'' option in the database. Expected behaviour would be that the option value in the database is not changed.
The reason is that `update_network_option` calls
{{{
sanitize_option( ""admin_email"", ""this.is.not.an.email.address"" );
}}}
and writes its return value to the database. However, `sanitize_option` will return the value of `get_option( ""admin_email"" )`, instead of `get_network_option( null, ""admin_email"" )`. See [https://core.trac.wordpress.org/browser/tags/4.4/src/wp-includes/formatting.php#L3863 lines 3863ff. in formatting.php].",thomaswm,27
20537,Don't spawn cron requests for suspended blogs,jeremyfelt,Cron API,3.3.1,normal,normal,Future Release,defect (bug),reviewing,has-patch,2012-04-24T20:40:19Z,2016-09-29T20:23:46Z,"For multisite, spawning cron requests is wasteful and unnecessary. wp_cron()/spawn_cron()/wp-cron.php should check the blog's status and bail if the blog is suspended.",ryan,21
34690,"when user login is required to comment, there should be a link to registration",,Comments,,normal,normal,Future Release,enhancement,new,has-patch,2015-11-15T19:12:17Z,2016-09-29T15:55:23Z,"Right now when user login is required the login form only shows a message about the need to login, but if registration is open, there is no reason not to send the visitor directly to the registretion page.
At the very least the default text of the link to the login page should be changed to some thing like ""Login or Register"" when registration is open.",mark-k,4
37094,wp_get_nav_menu_items should use tax_query,,Menus,3.0,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2016-06-13T23:07:07Z,2016-09-29T14:08:25Z,"When the wp_get_nav_menu_items function was introduced in 3.0, taxonomy query were not in core. However, as taxonomy queries are now in core, it removing the need to call get_objects_in_term. Removing this call to get_objects_in_term, is great, as that function is unfilterable and uncached.
It also means that any improves to the taxonomy queries, such as caching or filters could also be put into play here. ",spacedmonkey,2
35016,New plugin version in upgrader object,,Upgrade/Install,4.4,normal,normal,Awaiting Review,enhancement,new,,2015-12-11T16:11:53Z,2016-09-29T08:35:35Z,"The current upgrader object only has the ''old'' plugin version ({{{->skin->plugin_info['Version']}}} unless you parse out the source URL.
{{{
Plugin_Upgrader Object
(
[result] => Array
(
[source] => Q:/dev/webspec-design/wp-content/upgrade/types.1.8.11/types/
[source_files] => Array
(
[0] => admin.php
[1] => classes
[2] => embedded
[3] => help.php
[4] => includes
[5] => marketing
[6] => marketing.php
[7] => plus
[8] => readme.txt
[9] => resources
[10] => wpcf.php
[11] => wpml-config.xml
)
[destination] => Q:\dev\webspec-design/wp-content/plugins/types/
[destination_name] => types
[local_destination] => Q:\dev\webspec-design/wp-content/plugins
[remote_destination] => Q:/dev/webspec-design/wp-content/plugins/types/
[clear_destination] => 1
)
[bulk] => 1
[strings] => Array
(
[skin_upgrade_start] => The update process is starting. This process may take a while on some hosts, so please be patient.
[skin_update_failed_error] => An error occurred while updating %1$s: %2$s
[skin_update_failed] => The update of %1$s failed.
[skin_update_successful] => %1$s updated successfully. Show Details
[skin_upgrade_end] => All updates have been completed.
[skin_before_update_header] => Updating Plugin %1$s (%2$d/%3$d)
[bad_request] => Invalid Data provided.
[fs_unavailable] => Could not access filesystem.
[fs_error] => Filesystem error.
[fs_no_root_dir] => Unable to locate WordPress Root directory.
[fs_no_content_dir] => Unable to locate WordPress Content directory (wp-content).
[fs_no_plugins_dir] => Unable to locate WordPress Plugin directory.
[fs_no_themes_dir] => Unable to locate WordPress Theme directory.
[fs_no_folder] => Unable to locate needed folder (%s).
[download_failed] => Download failed.
[installing_package] => Installing the latest version…
[no_files] => The package contains no files.
[folder_exists] => Destination folder already exists.
[mkdir_failed] => Could not create directory.
[incompatible_archive] => The package could not be installed.
[files_not_writable] => The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions.
[maintenance_start] => Enabling Maintenance mode…
[maintenance_end] => Disabling Maintenance mode…
[up_to_date] => The plugin is at the latest version.
[no_package] => Update package not available.
[downloading_package] => Downloading update from %s…
[unpack_package] => Unpacking the update…
[remove_old] => Removing the old version of the plugin…
[remove_old_failed] => Could not remove the old plugin.
[process_failed] => Plugin update failed.
[process_success] => Plugin updated successfully.
[process_bulk_success] => Plugins updated successfully.
)
[skin] => Bulk_Plugin_Upgrader_Skin Object
(
[plugin_info] => Array
(
[Requires WP] =>
[Requires PHP] =>
[GitHub Plugin URI] =>
[GitHub Branch] =>
[GitHub Enterprise] =>
[GitHub CE] =>
[Bitbucket Plugin URI] =>
[Bitbucket Branch] =>
[Bitbucket Enterprise] =>
[Bitbucket CE] =>
[GitLab Plugin URI] =>
[GitLab Branch] =>
[GitLab Enterprise] =>
[GitLab CE] =>
[Name] => Types
[PluginURI] => http://wordpress.org/extend/plugins/types/
[Version] => 1.8.10
[Description] => Define custom post types, custom taxonomies and custom fields.
[Author] => OnTheGoSystems
[AuthorURI] => http://www.onthegosystems.com
[TextDomain] =>
[DomainPath] =>
[Network] =>
[Title] => Types
[AuthorName] => OnTheGoSystems
)
[in_loop] =>
[error] =>
[upgrader] => Plugin_Upgrader Object
*RECURSION*
[done_header] =>
[done_footer] =>
[result] => Array
(
[source] => Q:/dev/webspec-design/wp-content/upgrade/types.1.8.11/types/
[source_files] => Array
(
[0] => admin.php
[1] => classes
[2] => embedded
[3] => help.php
[4] => includes
[5] => marketing
[6] => marketing.php
[7] => plus
[8] => readme.txt
[9] => resources
[10] => wpcf.php
[11] => wpml-config.xml
)
[destination] => Q:\dev\webspec-design/wp-content/plugins/types/
[destination_name] => types
[local_destination] => Q:\dev\webspec-design/wp-content/plugins
[remote_destination] => Q:/dev/webspec-design/wp-content/plugins/types/
[clear_destination] => 1
)
[options] => Array
(
[url] => update.php?action=update-selected&plugins=types%2Fwpcf.php
[nonce] => bulk-update-plugins
[title] =>
[context] =>
)
[plugin_active] => 1
)
[update_count] => 1
[update_current] => 1
)
}}}",eclev91,4
17255,More statuses (like draft and/or private) for media files,,Media,3.1,normal,normal,Future Release,defect (bug),new,,2011-04-27T11:48:11Z,2016-09-29T02:17:53Z,"It's weird that media files don't carry any concept of pub status. If someone wants to upload files (either attached to a post or directly into the library), they should be able to keep them hidden via 'draft' status just like any other content. The fact that people can link to things that haven't been explicitly published is bizarre.
Media files should have a pub status. If uploaded as post attachment, should inherit publish on post publish. Would then need a workflow for if a post becomes unpublished containing media, as it then lives in library for use by other content, so would need to ask if user wants to unpub media files as well. This would be a big shift, so would make most sense as part of a media redux with a long notice period for plugin and theme authors. ",jane,16
28364,WordPress Entry Points (wp-load.php occurrences),,Bootstrap/Load,3.9.1,normal,normal,Awaiting Review,defect (bug),new,,2014-05-26T12:16:56Z,2016-09-29T00:40:52Z,"I was looking for entry point by searching for wp-load.php for plugin refactoring. I mean conditionally use require().
1. There are easy to identify entry points like admin-ajax.php but there are no defines e.g in async-upload.php, wp-loging.php or wp-comments-post.php
2. wp-trackback.php uses a strange way to detect the core `if (empty($wp))`
3. xmlrpc.php uses alone `include()` all others `require()`
4. How to distinguish between admin.php and admin-post.php?
=== Proposal ===
- There should be a uniform way requiring wp-load.
- All entry point should be distinguished by '''different''' defines
== List of entry points and ways to detect them ==
1. frontend: wp-blog-header.php:12 {{{!is_admin()}}}
1. admin GET request: wp-admin/admin.php:30 {{{is_admin()}}}
1. admin POST request: wp-admin/admin-post.php:15 {{{is_admin()}}}
1. admin upload: wp-admin/async-upload.php:16 {{{@$_SERVER['SCRIPT_FILENAME'] === ABSPATH . 'wp-admin/async-upload.php'}}}
1. AJAX call: wp-admin/admin-ajax.php:20 {{{defined('DOING_AJAX') && DOING_AJAX}}}
1. WordPress cron webserver/CLI: wp-cron.php:26 {{{defined('DOING_CRON') && DOING_CRON}}} {{{php_sapi_name() === 'cli'}}}
1. XML-RPC protocol: xmlrpc.php:29 {{{defined('XMLRPC_REQUEST') && XMLRPC_REQUEST}}}
=== Frontend low priority ===
1. wp-comments-post.php:16 {{{@$_SERVER['SCRIPT_FILENAME'] === ABSPATH . 'wp-comments-post.php'}}}
1. wp-trackback.php:12 {{{1 === get_query_var('tb')}}}
=== Dashboard low priority ===
1. wp-login.php:12
1. wp-signup.php:4
1. wp-activate.php:12
1. wp-mail.php:11
=== Exclude from profiling ===
1. wp-links-opml.php:15
1. wp-includes/ms-files.php:12
1. wp-includes/js/tinymce/wp-mce-help.php:9
1. wp-admin/install.php:36
1. wp-admin/install-helper.php:39
1. wp-admin/upgrade.php:18
1. wp-admin/maint/repair.php:10
1. wp-admin/moderation.php:10
Total: '''21 entry points''' as of version 3.9.1
[https://github.com/szepeviktor/WPHW/blob/master/wp-entry-points.md from WPHW]
",szepe.viktor,6
38183,Add hooks to be run before and after each callback,,Plugins,,normal,normal,Future Release,enhancement,new,needs-unit-tests,2016-09-28T23:41:23Z,2016-09-28T23:41:23Z,"Since before the dawn of time, debugging tools have relied on the `all` hook to collect information about how long hooks take to run, and which callbacks are registered to that hook.
This has a few drawbacks. Primarily, it's not possible to collect timing information about individual callbacks, and it's quite difficult to manage recursive hook behaviour.
With that in mind, hooks that run before and after each callback would be quite valuable, but they do need to be considered carefully.
* What kind of performance impact would they have? If there are no callbacks registered to these hooks, there should ideally be no performance impact.
* Should they be `WP_DEBUG` only? This would discourage plugins from abusing them on production systems - they would only be used if the site admin explicitly sets the site to debugging mode.
* Dealing with recursion is fun, should they provide any helpers for indicating recursion level, or is it up to the code hooking into them to handle that?",pento,
21773,Scheduled pages/posts should not appear in custom menus,,Menus,3.0,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2012-09-02T14:30:48Z,2016-09-28T20:57:22Z,"When I add a '''scheduled page/post''' in a custom menu the page/post immediately appears in the front-end menu.
I think these scheduled pages/posts should only be visible in the front-end navigation when their scheduled time is reached (as it is the case with automatic menus). Otherwise the ""Schedule"" functionality makes no sense with custom menus, especially for pages.
Here is another forum post regarding this issue: http://wordpress.org/support/topic/custom-menu-support-for-scheduled-pagesposts",Lorangeo,9
30262,Combine wp_terms and wp_term_taxonomy tables,,Taxonomy,,low,normal,Future Release,enhancement,new,,2014-11-05T19:01:10Z,2016-09-28T20:54:35Z,"The two database tables `wp_terms` and `wp_term_taxonomy` are designed to facilitate ""shared terms"": single ""terms"" that are shared by multiple ""term-taxonomy"" pairs. In 4.1 we've begun the process of phasing out shared terms (#5809, #21950), and at some point we'll be able to guarantee that items in `wp_terms` are in one-to-one correspondence with those in `wp_term_taxonomy` (#30261). Once this has happened, we have no more need for two tables. So let's get rid of one of them.
The primary benefit of merging the two tables is that, over time, we can simplify the internals of much of our taxonomy API. No more JOINS will be necessary in `get_terms()`. There will be no need for `WP_Tax_Query::transform_query()`. And so forth. This will make the component easier to maintain, and will improve cachability and overall performance. A subsidiary benefit is that it makes the system a bit more sane for developers who are learning it for the first time.
The main concern in the process of merging the two tables is backward compatibility. As [https://make.wordpress.org/core/2013/07/28/potential-roadmap-for-taxonomy-meta-and-post-relationships/ outlined by nacin in 2013], we have a pretty good plan for how we can maintain close to 100% backward compat. Two parts:
1. The table aliases `$wpdb->terms` and `$wpdb->term_taxonomy` should point to the same merged table, which will include all columns from both existng tables. This will provide support for anyone using these aliases to perform taxonomy queries.
2. Create a [https://dev.mysql.com/doc/refman/5.0/en/views.html MySQL view] that replicates the deprecated table. This will provide support for anyone querying the table with syntax like `$wpdb->get_blog_prefix( $blog_id ) . 'terms'`.
We can't do the migration for at least a version or two after #30261 is complete - we have to give time to all installations to get their shared terms cleared out before we can think about putting the tables together.
A viable patch for this ticket will include: a schema change to introduce the view, the migration logic to move the old columns into the new combined table, and the necessary changes to `$wpdb`.",boonebgorges,5
12104,'moderate_comments' capability by itself should grant the user the permission to See/Edit all comments from the Comments menu.,,Comments,3.0,normal,normal,Future Release,defect (bug),new,has-patch,2010-01-31T22:25:24Z,2016-09-28T19:20:33Z,"I tried to create a Comment Moderator role today and realized it wouldn't work. My intention was to create a role for people who can't write or edit posts, but can keep an eye on the comment threads. I created the role like so:
{{{
#!php
add_role('moderator', 'Moderator', array(
'read' => 1,
'moderate_comments' => 1,
));
}}}
... then created a new user with that role. When I logged in as my test user, I realized that it was for all intents and purposes a Subscriber. I couldn't see any admin panels but the Dashboard, my profile, and the Tools. I went poking around in edit-comments.php and discovered that it's checking for another capability altogether:
{{{
#!php
if ( !current_user_can('edit_posts') )
wp_die(__('Cheatin’ uh?'));
}}}
I double-checked wp-admin/includes/menu.php and it agreed that 'edit_posts' was the minimum capability to see this page, so I tried adding 'edit_posts' to my new role, and I still couldn't get there.
Later on in edit-comments.php, when actually trashing a comment, there is a check for 'moderate_comments', but it's a moot point: this screen doesn't even show up in the admin menu, and if you navigate directly to it, you'll get the ""You do not have sufficient permissions to access this page"" message.
I thought it was entirely possible I'd missed some finer point of creating roles, so I redid it with Justin Tadlock's excellent Members plugin, and that didn't work either.
This behavior might be intentional, but if so, I'm not following the logic. I know roles are due for an overhaul in the next version or two.",sillybean,28
17025,wp_list_authors() is not filterable,,Query,,normal,normal,Future Release,enhancement,new,dev-feedback,2011-04-02T17:30:10Z,2016-09-28T19:19:19Z,"The template function wp_list_authors() is not filterable. Plugins may use existing WP_Query hooks to filter some authors' posts out of the result set, making the unfiltered authors list invalid.
The corresponding patch adds query filter 'list_authors_query'",kevinB,16
28732,"There's no way to open the ""theme details"" or previewer in a new tab.",,Themes,3.8,normal,normal,Future Release,defect (bug),new,dev-feedback,2014-07-03T15:14:59Z,2016-09-28T19:07:28Z,"E.g. when you use command + click on a mac, it should open a new tab. The ""modal"" acts like a separate page because it has its own url and does not overlap the main navigation, so it makes sense to me to have that option.
This is useful when you want to compare some themes, or want to come back to it later.",iseulde,17
36842,"More global event hooks using the media.events, like ""modal:open"", ""modal:close"", etc",,Media,4.6,normal,normal,Awaiting Review,feature request,new,,2016-05-15T00:30:04Z,2016-09-28T16:52:58Z,"There seem to be plentiful hooks in the media backbone system, but most require listening to the frame/controller/etc vs having global hooks/events to listen to. This, obviously, would be much like WP's `do_action`. Each event should pass contextual info including the frame/controller/etc object.
Select2 (as well as most JS modal libs) provides an example of prior art: [https://select2.github.io/examples.html#events]
Using that implementation as an example, we could do something like:
`wp:media:open` is fired whenever the modal is opened. `wp:media:opening` is fired before this and can be prevented.
`wp:media:close` is fired whenever the modal is closed. `wp:media:closing` is fired before this and can be prevented.
`wp:media:highlight` is fired whenever a result is highlighted (clicked).
`wp:media:unhighlight` is fired whenever a result is unhighlighted.
`wp:media:select` is fired when a result is chosen and modal is closed. `wp:media:selecting` is fired before this and can be prevented.
`wp:media:change` is fired whenever the modal changes state. `wp:media:changing` is fired before this and can be prevented.
",jtsternberg,2
27177,Child themes should inherit parent theme customizer settings on activation / switching,,Themes,3.8,normal,normal,Awaiting Review,enhancement,new,has-patch,2014-02-21T20:37:01Z,2016-09-28T16:38:41Z,"Currently, if you install a parent theme and utilize the theme customizer, and then create a child theme and live preview or activate it, it does not inherit any of the settings previously set for the parent theme.
If a child theme doesn't have any existing values from the customizer setting, then it should look for and import those from the parent theme if they exist (perhaps on the switch_theme hook).
The current setup is a discouragement to using a child theme if the user has already invested time using the customizer with their parent theme.",krogsgard,23
30401,Media Library Crashes Browser Frequently,,Media,4.0,normal,normal,Awaiting Review,defect (bug),new,has-patch,2014-11-19T07:39:02Z,2016-09-27T23:41:41Z,"Since the updates to Media Library issue of Chrome crashing 1) as I scroll through the many images that auto-scroll when it would be better to paginate the sheer number, and 2) when users uploaded very large files, Media Library crashed just trying to load.",leedman,4
14711,Indexes for comment_author_email and user_id,,Database,3.0,normal,normal,Future Release,defect (bug),new,,2010-08-27T07:18:30Z,2016-09-27T18:12:21Z,"There are currently no indexes on any of the author columns in wp_comments. That means there's no efficient way to count the comments written by a given commenter, for example.
The enclosed patch adds two separate non-unique indexes, one each for comment_author_email and user_id.
",tellyworth,13
31746,get_blogs_of_user() can be very slow when a user is a member of thousands of sites,johnbillion,Users,3.0,normal,normal,Future Release,defect (bug),reviewing,has-patch,2015-03-24T02:19:45Z,2016-09-27T16:44:27Z,"When a user belongs to thousands of sites, the array of `$blogs` can become rather large. Considering get_blogs_of_user is called in many places on every page-load when a user is logged in, Some optimization should happen here. Not counting the multisite admin pages, `get_blogs_of_user()` is called from the functions `is_user_member_of_blog()`, `get_dashboard_url()`, and `WP_Admin_Bar::initialize()`. I propose the results of the function to at least be stored to a static variable to prevent multiple lookups to the same information. I also propose that a pre-fetch filter (pre_get_blogs_of_user ?) be added so that a plugin can override that information and provide something more efficient if the need arises.",jtsternberg,25
38173,Meta query creates unecessary multiple left joins when using the same meta key,,Database,4.6,normal,normal,Awaiting Review,defect (bug),new,,2016-09-27T16:36:27Z,2016-09-27T16:36:27Z,"If you specify the below as a meta_query wordpress creates an extremely bad and inefficient query, it seems to unnecessarily create a left join for each array even though they have the same key when it could use the same join
{{{#!php
'OR',
array(
'key' => 'product',
'value' => '1',
'compare' => '!='
),
array(
'key' => 'product',
'compare' => 'NOT EXISTS'
)
);
}}}
{{{
SELECT SQL_CALC_FOUND_ROWS vvc_posts.ID FROM vvc_posts LEFT JOIN vvc_postmeta ON ( vvc_posts.ID = vvc_postmeta.post_id ) LEFT JOIN vvc_postmeta AS mt1 ON (vvc_posts.ID = mt1.post_id AND mt1.meta_key = 'product' ) WHERE 1=1 AND (
( vvc_postmeta.meta_key = 'product' AND CAST(vvc_postmeta.meta_value AS CHAR) != '1' )
OR
mt1.post_id IS NULL
) AND vvc_posts.post_type = 'news' AND ((vvc_posts.post_status = 'publish')) GROUP BY vvc_posts.ID ORDER BY vvc_posts.post_date DESC LIMIT 0, 10
}}}
On my site this query takes a huge 6.640 sec, more than 80% of the page's ttfb.
{{{
SELECT SQL_CALC_FOUND_ROWS vvc_posts.ID
FROM vvc_posts
LEFT JOIN vvc_postmeta ON ( vvc_posts.ID = vvc_postmeta.post_id && vvc_postmeta.meta_key = 'product')
WHERE 1=1
AND (CAST(vvc_postmeta.meta_value AS CHAR) != '1' OR vvc_postmeta.post_id IS NULL )
AND vvc_posts.post_type = 'news'
GROUP BY vvc_posts.ID
ORDER BY vvc_posts.post_date
}}}
whereas an optimized version takes only 0.969 sec.",neonWired,
36589,Don't use localhost in Tests_Image_Header tests,,Customize,3.9,normal,normal,Future Release,defect (bug),new,,2016-04-19T09:06:32Z,2016-09-27T14:08:57Z,"`Tests_Image_Header::test_create_attachment_object()` and `Tests_Image_Header::test_insert_cropped_attachment()` are passing `http://localhost/foo-cropped.png` to `Custom_Image_Header::create_attachment_object()`. This method is using `getimagesize()` for the URL. I'm not sure if this a config issue but it seems like the timeout is pretty high so the tests are taking a minute to complete.
Output of PHPunit:
{{{
1) Tests_Image_Header::test_create_attachment_object
ImagickException: getimagesize(http://localhost/foo-cropped.png): failed to open stream: Connection refused
src/wp-admin/custom-header.php:1160
tests/phpunit/tests/image/header.php:116
2) Tests_Image_Header::test_insert_cropped_attachment
ImagickException: getimagesize(http://localhost/foo-cropped.png): failed to open stream: Connection refused
src/wp-admin/custom-header.php:1160
tests/phpunit/tests/image/header.php:132
}}}",ocean90,3
34475,get_comment_link incorrect page number in returned url.,,Comments,4.3.1,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2015-10-28T16:36:42Z,2016-09-27T09:06:44Z,Since 4.3 core update the get_comment_link function returns incorrect page numbers for paginated comments. Have tried using default twentyfifteen theme with no plugins enabled and issue still persists.,Property118,15
27645,MediaElement.js player & playlist not keyboard accessible,wonderboymusic,Media,3.6,normal,normal,Future Release,defect (bug),assigned,,2014-04-03T00:00:57Z,2016-09-27T07:37:44Z,"The controls for MediaElementJS have an option to be always visible. When they are always visible, they are keyboard accessible, allowing keyboard-dependent users to play/pause, adjust volume, and go fullscreen in the video player.
When it is not always visible, there is no means to make it focusable using the keyboard.
This patch changes the setting to make the controls always visible. ",joedolson,10
38017,Add widget instance to remaining widget argument filters,Takahashi_Fumiki,Widgets,,normal,normal,Awaiting Review,enhancement,assigned,has-patch,2016-09-10T13:38:28Z,2016-09-27T01:50:10Z,"In #20788 and #33944, the `$instance` argument was added to these filters:
* `widget_nav_menu_args`
* `widget_links_args`
For consistency, other widget argument filters should have it too:
* `widget_archives_dropdown_args`
* `widget_archives_args`
* `widget_categories_dropdown_args`
* `widget_categories_args`
* `widget_pages_args`
* `widget_comments_args`
* `widget_posts_args`
* `widget_tag_cloud_args`",SergeyBiryukov,3
38115,Add Highlight button to TinyMCE toolbar to allow highlighting (replaces Underline with element),,TinyMCE,,normal,normal,Awaiting Review,enhancement,new,,2016-09-20T21:11:40Z,2016-09-26T22:26:56Z,"Extending #27159
Highlighting of content has become popularized thanks to platforms like Medium, and providing a proper semantic highlighting function in the TinyMCE editor will allow authors to bring attention to content without adding emphasis - an important difference for accessibility.
The Highlight button would trigger the `` element: https://developer.mozilla.org/en/docs/Web/HTML/Element/mark
Reasoning:
With the removal of the Underline button, authors will not be able to highlight text without either emphasizing or strongly emphasizing it, or using the text editor to manually apply the `` element. Why is this needed? Emphasis changes the meaning of content, especially when using accessibility tools like screen readers, and it is unreasonable to expect the average WordPress user to know the existence and purpose of relatively obscure HTML elements.",mor10,5
30299,Inconsistent custom-background Body Class Behavior,,Customize,,normal,normal,Awaiting Review,defect (bug),new,dev-feedback,2014-11-09T15:25:44Z,2016-09-26T22:14:07Z,"Possibly related to #22030 and [21054] (specifically [https://core.trac.wordpress.org/changeset/21054#file2 this])
Currently there’s a problem with the following code:
{{{
if ( get_theme_mod( 'background_color' ) || get_background_image() )
$classes[] = 'custom-background';
}}}
On newly installed blogs `get_theme_mod( 'background_color' )` will return `false`, while on blogs that have a custom background set and then reverted to the default background color declared by the theme `get_theme_mod( 'background_color' )` will return the hex string of the default background.
1. Activate a new site.
2. `var_dump( get_theme_mod( 'background_color' ) )` will give you `false`.
3. Set a custom background color.
4. Set the background back to its default color declared by the theme.
5. `var_dump( get_theme_mod( 'background_color' ) )` will give you the string of the background color.
What this means is that themes cannot safely rely on `.custom-background` as a helper class without inconsistent behavior. I’ve had to write my own function to determine when a background has really been customized:
{{{
}}}
The strange thing is, that when they have authored one post, the oEmbed class does the job perfectly, but, when they don't have authored any post, the oEmbed doesn't work.
I've looked inside the core and that led to the file ""wp-includes/class-wp-embed.php|"" at line 181. It checks if there's a post, when not, it's not embedding.
When i delete this line, it works for authors without and with posts.",dannydehaan,15
24040,"Use ""posts"" instead of ""topics"" (in tagcloud tooltips)",,Text Changes,,normal,normal,Awaiting Review,enhancement,new,has-patch,2013-04-11T01:56:36Z,2016-09-25T22:36:02Z,"Hello,
I suggest use ''post(s)'' instead of ''topic(s)'' [http://core.trac.wordpress.org/browser/trunk/wp-includes/category-template.php#L563 here].
""Topics"" is very related to forums (bbPress), while ""Posts"" are more general term I think?
Thanks",Dianakc,8
38157,Add tests for get_post_type_labels(),,"Posts, Post Types",,normal,normal,Awaiting Review,enhancement,new,has-patch,2016-09-25T20:25:05Z,2016-09-25T20:25:05Z,"Working on #26511 and #29783, I'd thought it would be a good idea to have tests covering `get_post_type_labels()` in case we'd have to do some refactoring.",swissspidy,
36897,"""You do not have sufficient permissions to access this page."" should have relevant links to go back to dashboard.",,Plugins,4.6,normal,normal,Awaiting Review,enhancement,new,,2016-05-21T03:45:54Z,2016-09-25T20:21:03Z,"The ""You do not have sufficient permissions to access this page."" screen has no information where to go after seeing this error on screen.
It would be better if there is a link to go back to the dashboard or maybe even better if the admin bar is visible on the screen with this error message.",Nikschavan,5
37825,Introduce functions to check whether there are multiple taxonomy terms,,Themes,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2016-08-25T12:33:10Z,2016-09-25T20:08:48Z,"We've had a function `is_multi_author()` since version 3.2.0, which is regularly used by themes to check if a site has multiple authors with published posts.
A similar function is often needed by themes for taxonomies (mostly categories), for example the latest default themes have contained a function `*_categorized_blog()`. I think this functionality is essential for several themes, and we can make their lifes easier by providing these functions to them (especially since several theme authors don't really wanna mess with hooks for invalidating transients).
Of course, for backward compatibility a theme should check whether that function exists, and if not, it still needs to take care of things by itself. However, I think this will still be a good solution long-term to include this functionality in WordPress Core.",flixos90,6
37516,Site title and tagline: allow ability to hide each independently,,Customize,,normal,normal,Awaiting Review,defect (bug),new,,2016-07-29T17:44:11Z,2016-09-25T19:21:11Z,"By adding the ability for users to turn on or off the site title and tagline individually we would allow more flexibility. Currently it's both or none, this does not allow the flexility that users want over their site. There are valid cases where people do not want either.",karmatosed,4
20842,Buttons are not on the same line when saving a post as pending (RTL),SergeyBiryukov*,I18N,3.4,normal,normal,Future Release,defect (bug),accepted,,2012-06-04T23:58:11Z,2016-09-25T18:51:42Z,Please check attachment.,rasheed,16
15394,"Ancient ""Are you sure you want to do this"" now confusing",,Security,3.1,normal,minor,Future Release,defect (bug),new,dev-feedback,2010-11-11T21:51:26Z,2016-09-25T18:45:22Z,"The default failing nonce message did not pass the wife test. Asking ""Are you sure you want to do this?"" now that there is no longer ""OK"" and ""Cancel"" buttons is confusing and my wife just asked me ""How do I tell I'm sure?""
Not sure about the best wording, I took the same approach as Twitter's expired OAuth token links with a message that does not let user think there is something to confirm.",ozh,12
22822,New media: 'Create a new gallery' button should indicate that it's the first of two steps,chriscct7,Media,3.5,normal,normal,Awaiting Review,enhancement,reviewing,dev-feedback,2012-12-08T00:35:34Z,2016-09-25T18:43:18Z,"When creating a gallery, the primary action button at the bottom of the screen says 'Create a new gallery'. This button is actually the first of two steps, but this button doesn't make that clear.
It should either have an ellipsis appended, which is a standard UI convention for a non-immediate action, or it should say something like 'Next »'",johnbillion,3
31284,List tables with fixed header on scroll,,Administration,,normal,normal,Future Release,feature request,new,,2015-02-10T16:33:44Z,2016-09-25T18:37:18Z,"I think it would be interesting, the WordPress through their APIs, allowing fix the header of a table when the scroll action is happening.
A page that could make use of this functionality is the Posts list.
[[Image(http://i.imgur.com/86AE2x0.png)]]
and
[[Image(http://i.imgur.com/O7v0Rfg.png)]]
When the user has many posts, to scroll down the page, the table header is not more visible.
This could also be very useful for plugin authors. That have pages with listings.",Apiweb,2
11311,"kses converts ampersands to & in post titles, post content, and more",,"Posts, Post Types",2.9,normal,normal,Future Release,defect (bug),new,,2009-12-03T01:49:32Z,2016-09-25T11:33:27Z,"Make a test user that has the ""author"" role (i.e. no `unfiltered_html`) and write a post with a title that has `&` in it. After saving, it will becomes `&` due to `wp_filter_kses()`. It gets saved in the database this way too.
It's confusing to the user.",Viper007Bond,17
34436,Issue with wp.customizer.panel('name').focus().,,Customize,4.3.1,normal,normal,Future Release,defect (bug),new,,2015-10-25T01:40:03Z,2016-09-25T06:00:29Z,"This is a small bug (feature?) when using wp.customizer.panel('panel-name').focus().
If you have a Section open (the options being displayed), wp.customizer.panel('parent-of-that-section').focus(); will not switch focus from the section display to the parent panel. Using wp.customizer.panel('any-other-panel').focus(); works.
My new theme interface builds an auxiliary menu to more easily navigate all the panels and sections, and it all works nicely except this case.
I can provide a beta of my theme that demos this if needed. This is likely not really critical, but it does not work as one would expect. This issue manifests in both 4.3.1 and 4.4 beta 1.",wpweaver,1
37276,tax_query with field=name doesn't work if the term contains an apostrophe,,Taxonomy,,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2016-07-04T21:24:28Z,2016-09-24T17:38:19Z,"Related to the bug in #27810.
If you create a tax_query with field=name and term containing an apostrophe, eg:
{{{
new WP_Query(array(
'tax_query'=>array(
array(
'taxonomy'=>'sample-tax',
'field'=>'name',
'terms'=>""Test's""
)
)
));
}}}
the query built in the transform_query function in class-wp-tax-query.php comes back with:
`... AND wp_terms.name IN ('Test\\\'s')`
and thus generates no results.
It looks like the apostrophe is getting double escaped by both the `esc_sql` and `sanitize_term_field` calls in @boonebgorges patch.
Stab in the dark - in `wp_insert_term`, `wp_unslash` is called on the name field after sanitizing it - does the same need to apply here?",smerriman,8
34335,URL shorteners ( redirects) should to be supported by the embed handling for couple of hops,swissspidy,Embeds,2.9,normal,normal,Awaiting Review,defect (bug),reviewing,,2015-10-16T22:35:15Z,2016-09-24T16:21:50Z,"It should be possible to use URL shorteners ( redirects) to load embeds.
I have been testing the new embeds feature and have found that a Bit.ly link doesn't work, but the resolved link does
I believe we should support at least one hop if not two
",pbearne,10
38148,Do not store URL protocol in the database,,Formatting,,normal,normal,Awaiting Review,enhancement,new,,2016-09-23T16:24:43Z,2016-09-24T11:05:19Z,"We should not store the protocol of files in the database.
Instead of `http://mysite.com/wp-content/uploads/image.png` we could strip the protocol while saving the entry and save it as `//mysite.com/wp-content/uploads/image.png` instead.
This will make http/https issues a lot easier to address, and hopefully ease migrations to HTTPS.
There are a bunch of plugins out there that can do this, but they shouldn't have to... This is something that can be done in-core a lot more efficiently for everyone.",aristath,8
38150,Stop using dashicons to show checked state of checkboxes,,General,,normal,normal,Awaiting Review,defect (bug),new,,2016-09-23T19:23:53Z,2016-09-24T08:25:57Z,"Checkboxes should use the default system to indicate they are checked. ( uses a dashicon check icon instead of the system's default check ui.",EmpireOfLight,1
18493,HTML emails,westi,Mail,3.2,normal,normal,Future Release,enhancement,reviewing,needs-refresh,2011-08-22T00:29:44Z,2016-09-23T22:37:01Z,"Wojtek worked on the Enhanced E-Mails project for GSoC this summer. It's definitely something that would be nice to have in core. The plugin already exists in the repository - [http://wordpress.org/extend/plugins/enhanced-emails/ Enhanced Emails]. There are still some things that need to be cleaned up in the code, but it works pretty well.
I'm hoping we can clean it up, test it, and get it in core. ",aaroncampbell,25
22938,Presentation of hierarchical taxonomy in Media modal should be checkboxes rather than comma-separated tag list,wonderboymusic,Media,3.5,normal,normal,Future Release,enhancement,assigned,,2012-12-14T14:10:16Z,2016-09-23T17:24:07Z,"Since 3.5, using register_taxonomy_for_object_type on attachments, if the taxonomy used is hierarchical, whereas in the edit attachment UI you see the normal list of checkboxes, in the corresponding modal it is presented as a comma-separated list of slugs, as if it were a non-hierarchical taxonomy (tags rather than categories). I'm sure this is not a bug / mistake / oversight, but at best it's a little unintuitive (you need to have memorised the category slugs to add new ones) and worst a bit dangerous (risk of adding unwanted categories), and it would be great if in future it was presented here too as a list of checkboxes. ",yeswework,16
37549,Add optional parameter to wp_generate_attachment_metadata for image dimensions.,joemcgill,Media,4.6,normal,normal,Awaiting Review,enhancement,reviewing,has-patch,2016-08-02T22:00:41Z,2016-09-23T17:04:01Z,"My plugin [https://wordpress.org/plugins/scalable-vector-graphics-svg/ Scalable Vector Graphics] received a support request, [https://wordpress.org/support/topic/svg-in-image-gallery-is-not-working?replies=16#post-8710513 SVG in image gallery is not working] -- which caused me to do some digging in core.
I realized the reason the Theme wasn't doing what it intended to do is because it is reyling on
`wp_get_attachment_metadata()` -- which lead me to realize that SVG files -- although being uploaded and working for the most part, are missing the meta information normally generated for images such as JPG files.
The function that does that is `wp_generate_attachment_metadata`.
The reason it is not doing that is because `file_is_displayable_image` is returning false, which I can override if I want with the filter -- BUT -- the function also depends on `getimagesize` -- which I cannot navigate around and does not work with SVG files.
It would be cool if
{{{#!php
array(
'name' => 'Events',
'singular_name' => 'Event',
),
'public' => true,
'publicly_queryable' => true,
'show_ui' => true,
'show_in_menu' => true,
'query_var' => false,
'rewrite' => false,
'capability_type' => 'post',
'hierarchical' => false,
'menu_position' => 5,
'menu_icon' => 'dashicons-tickets-alt',
'supports' => array(
'title',
'editor',
'thumbnail',
),
'taxonomies' => array(
'post_tag',
'my_category',
),
);
}}}
Then I called
{{{#!php
$args_post_type = array(
'feed' => false,
'paged' => false,
'ep_mask' => EP_NONE,
'endpoints' => false,
);
add_permastruct('events', 'events/%event%', $args_post_type);
}}}
The resultings rewrite rules are :
{{{
'events/[^/]+/attachment/([^/]+)/?$' => string 'index.php?attachment=$matches[1]' (length=32)
'events/[^/]+/attachment/([^/]+)/trackback/?$' => string 'index.php?attachment=$matches[1]&tb=1' (length=37)
'events/[^/]+/attachment/([^/]+)/feed/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49)
'events/[^/]+/attachment/([^/]+)/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49)
'events/[^/]+/attachment/([^/]+)/comment-page-([0-9]{1,})/?$' => string 'index.php?attachment=$matches[1]&cpage=$matches[2]' (length=50)
'events/[^/]+/attachment/([^/]+)/embed/?$' => string 'index.php?attachment=$matches[1]&embed=true' (length=43)
'events/([^/]+)/embed/?$' => string 'index.php?event=$matches[1]&embed=true' (length=38)
'events/([^/]+)/trackback/?$' => string 'index.php?event=$matches[1]&tb=1' (length=32)
'events/([^/]+)(?:/([0-9]+))?/?$' => string 'index.php?event=$matches[1]&page=$matches[2]' (length=44)
'events/[^/]+/([^/]+)/?$' => string 'index.php?attachment=$matches[1]' (length=32)
'events/[^/]+/([^/]+)/trackback/?$' => string 'index.php?attachment=$matches[1]&tb=1' (length=37)
'events/[^/]+/([^/]+)/feed/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49)
'events/[^/]+/([^/]+)/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49)
'events/[^/]+/([^/]+)/comment-page-([0-9]{1,})/?$' => string 'index.php?attachment=$matches[1]&cpage=$matches[2]' (length=50)
'events/[^/]+/([^/]+)/embed/?$' => string 'index.php?attachment=$matches[1]&embed=true' (length=43)
}}}
Looking at class-wp-rewrite.php, I noticed in generate_rewrite_rules() that piece of code that forces the $post flag for CTP
{{{#!php
if ( ! $post ) {
// For custom post types, we need to add on endpoints as well.
foreach ( get_post_types( array('_builtin' => false ) ) as $ptype ) {
if ( strpos($struct, ""%$ptype%"") !== false ) {
$post = true;
// This is for page style attachment URLs.
$page = is_post_type_hierarchical( $ptype );
break;
}
}
}
}}}
and that piece of code that unconditionnaly add extra endpoints / feeds... for post
{{{#!php
// If we're matching a permalink, add those extras (attachments etc) on.
if ( $post ) {
// Add trackback.
$rewrite = array_merge(array($trackbackmatch => $trackbackquery), $rewrite);
}}}
Could confirm that problem?
Thanks",solo14000,3
33756,Improve docs for sanitize_title(),psdtohtmlguru,"Posts, Post Types",,normal,normal,Future Release,defect (bug),assigned,,2015-09-06T22:15:07Z,2016-09-23T09:25:29Z,It's not immediately clear what `sanitize_title()` does. Adding doc modifications.,ericlewis,10
36961,wp_roles displays incorrect roles in multisite,,Role/Capability,4.2,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2016-05-27T18:24:06Z,2016-09-23T08:57:41Z,"The WP_User class accepts a 3rd parameter for a site ID, but this never translates over to roles.
In class-wp-user.php WP_User->_init_caps() the correct capabilities are retrieved from the database, but when WP_User->get_role_caps() gets called, the first thing it does is fire wp_roles() in capabilities.php This will global $wp_roles or if not set, it will initialize a new WP_Roles class.
Where this becomes a problem is if you're not on the site you're checking the roles on, wp_roles() returns the roles of the current site instead. Back in WP_User->get_role_caps(), the arrays get filtered and since there's a mismatch of roles defined on current site vs roles actually assigned to user, you will get an empty array as a result when looking at WP_User->roles
To see this in action, I set up a test multisite install to confirm. I deleted all roles but admin on the main site, then created 2 new arbitrary roles. I then created a second site in the install, deleted all roles but admin, and created another arbitrary role. I added a new user to the install. If I go to network admin and attempt to assign the user to site 2, the roles drop down displays the roles defined on site 1 rather than site 2. If I go to the dashboard of site 2 and go to add the user, I see the correct roles available.
I'm not sure if this is intended behavior, though I can't imagine it is as it leads to a bug in network admin allowing a user to be set to a role that potentially doesn't even exist on the site you assign them to.
I've tested this from WP 4.2-4.5 and get the same results in wp-admin
Logging as roles/capabilities component, because even though it affects multisite, I think the core issue exists in roles and capabilities. ",ryanduff,5
37156,Multisite: WP-generated permalink for title-less post does not work (Or: numeric post slug that matches existing post ID number generates 404 error),,"Posts, Post Types",4.4.3,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-06-23T00:51:59Z,2016-09-23T07:47:26Z,"On a Multisite installation, a permalink with a post-name structure results in a 404 error when its slug is a number and that number matches an existing post ID number. Example: http://myblog.com/blog/7 where a post (any post) has an ID of 7.
When WordPress generates a slug for a title-less post, it forms the slug using the post ID. Since the post ID is (now) in use, the default permalink for the title-less post is broken.
It appears ticket #5305 resolved the issue for regular installs by automatically appending -2 to the slug (http://myblog.com/blog/7-2). Can this be done for Multisite? Or better yet, use some other more elegant designation that doesn't imply that this is the second of two posts using 7 for the slug?
To replicate:
Use a Multisite installation.
Set permalinks to Post name structure.
Create a post without a title.
Note that the generated slug is the ID number of the post.
Save and then click on the Permalink slug below the title text field.
Arrive at 404 page.
In admin, change the slug to include a character.
Try again.
Arrive at correct page.
You can also see the same behavior by choosing any titled post in admin and changing its slug to a number that matches its own or any other existing ID.
",raskull,4
31071,media / post_mime_type related queries are very slow on larger sites,pento,Media,4.1,normal,normal,Future Release,defect (bug),assigned,dev-feedback,2015-01-20T11:34:23Z,2016-09-22T22:09:33Z,"Hey guys,
Remember #27985? It was about a slow query that did probably a full table scan, which was then replaced with two queries:
{{{
SELECT ID
FROM wp_posts
WHERE post_type = 'attachment'
AND post_mime_type LIKE 'video%'
LIMIT 1
}}}
{{{
SELECT ID
FROM wp_posts
WHERE post_type = 'attachment'
AND post_mime_type LIKE 'audio%'
LIMIT 1
}}}
On a busy server with 285k entries in wp_posts, this query is taking 5-7s each. And it takes forever to save/open an edit post screen.
The main problem is that there's not a proper index for it to use.
Running EXPLAIN shows this:
{{{
+----+-------------+----------+------+------------------+------------------+---------+-------+--------+-------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+----+-------------+----------+------+------------------+------------------+---------+-------+--------+-------------+
| 1 | SIMPLE | wp_posts | ref | type_status_date | type_status_date | 62 | const | 161195 | Using where |
+----+-------------+----------+------+------------------+------------------+---------+-------+--------+-------------+
1 row in set
}}}
I'm not really sure why such an unoptimized query would be put in place, but the index on (`post_type`, `post_mime_type`) fixes it:
{{{
+----+-------------+----------+-------+--------------------------------------+---------------------+---------+------+------+-------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+----+-------------+----------+-------+--------------------------------------+---------------------+---------+------+------+-------------+
| 1 | SIMPLE | wp_posts | range | type_status_date,post_type_mime_type | post_type_mime_type | 364 | NULL | 1 | Using where |
+----+-------------+----------+-------+--------------------------------------+---------------------+---------+------+------+-------------+
1 row in set
}}}
The query now runs in 0.2s.",archon810,46
38130,Multisite bug with current_user_can() and subscriber,,Users,4.6.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-09-22T15:17:51Z,2016-09-22T21:22:32Z,"On multisite, Subscribers have `upload_files` permission but in wp-admin/includes/ajax-actions.php `wp_ajax_upload_attachment()` does not work because `current_user_can()` return `false` on line 2018 :
{{{#!php
false,
'data' => array(
'message' => __( 'Sorry, you are not allowed to upload files.' ),
'filename' => $_FILES['async-upload']['name'],
)
) );
wp_die();
}
}}}
Thanks for your help. ",JazZ7,3
38132,Remove orphaned postmeta,,"Options, Meta APIs",,normal,normal,Awaiting Review,feature request,new,,2016-09-22T19:41:13Z,2016-09-22T20:57:24Z,"It seems like a feature to remove orphaned postmeta on a site should be something that is built into core.
I know you can remove orphaned postmeta by MySQL query or plugin, but this does seem like something that should be built into core.
WooCommerce has a similar function to removed expired session data from the options table built into core.",lukecavanagh,3
34683,Default .htaccess config creates rewrite infinite loops for path-based multisite installations,,Rewrite Rules,4.3.1,normal,normal,Awaiting Review,defect (bug),new,,2015-11-14T20:16:54Z,2016-09-22T20:55:44Z,"Default .htaccess config for path-based multisite installations looks like that:
{{{
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
}}}
The problem is in these lines:
{{{
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
}}}
`?` sign makes expression `([_0-9a-zA-Z-]+/)` optional, so rule works also for request like `http://example.com/wp-config/file.png` and basicly try to internal redirect request to the same address. If file does not exist, it creates infinite internal loops that causes internal server errors.
There is no sense create rewrite rules for main site of network and site prefix should no be optional for rewrites. Correct .htaccess content should be:
{{{
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
}}}
",rob006,2
38134,Allow wp_no_robots to be hooked,,General,4.6.1,normal,normal,Awaiting Review,enhancement,new,,2016-09-22T20:49:47Z,2016-09-22T20:49:47Z,"It was decided in #22876 that
{{{
}}}
would be replaced with
{{{
}}}
But for those who would prefer `noindex,nofollow` there's no way to change it without a lot of hassle.
A change as simple as this would make it very flexible:
{{{
function wp_no_robots() {
echo apply_filters('wp_no_robots', ""\n"");
}
}}}",tomdxw,
38127,Webm support enhancements,,Media,4.6.1,normal,normal,Awaiting Review,enhancement,new,,2016-09-22T13:31:26Z,2016-09-22T17:20:48Z,"Greetings,
i would like to suggest some enhancements to the webm support
1) If you currently upload a webm you can only change the settings like autoplay on loop if you insert it and go again on edit
2) Webm can't currently be inserted for Galeries. I would like to suggest to handle it like image uploads for galeries.",Deexgnome,1
33330,Undefined property: stdClass::$slug,,Plugins,4.0,normal,normal,Future Release,defect (bug),reopened,has-patch,2015-08-10T20:51:18Z,2016-09-22T13:42:29Z,"When logged in and going to the Add Plugins page: /wp-admin/plugin-install.php, i get two identical php notices:
[10-Aug-2015 20:44:59 UTC] PHP Notice: Undefined property: stdClass::$slug in /wp-admin/includes/class-wp-plugin-install-list-table.php on line 38
I can reproduce with all plugins enabled and disabled, so I'm posting here as a potential issue with 4.2.4? ",mattfiocca,22
24251,Reconsider SVG inclusion to get_allowed_mime_types,,Upload,,normal,normal,Awaiting Review,enhancement,reopened,early,2013-05-02T19:36:57Z,2016-09-22T09:38:57Z,"There are some who think SVG should be included in core as an allowed mime type. Makes fine enough sense to me, since there is a good argument for it, and we have support for WordPerfect documents...so there's that.
Related: #20990",JustinSainton,64
33073,"Some strings need ""no HTML entities"" translator comments",,I18N,,normal,normal,Future Release,enhancement,new,,2015-07-22T14:44:59Z,2016-09-22T08:28:49Z,"This is a renewal of #10005, which was apparently my first patch to WP 6 years ago, but never got accepted. #10005 was closed as fixed, but it truth it was not (see my last comment there).
So, I'm opening a new ticket about this... and updating the description and patch from 6 years :)
Here goes!
Several strings need to have an indication warning translators against the inclusion of HTML entities within their translation, because of where the strings are user (RSS feeds, e-mails, JavaScript...).
Case in point: in French, there should be a non-breaking space ( ) before any double sign (; : ! ?). So, translators would turn ""URL: %s"" into ""Adresse web : %s"". But since it is used in e-mails, it is displayed as-is. And for strings that are used in feeds, it breaks them...
Suggestions comment: ""Do not add HTML entities ( , etc): used in [context]"".
Patch fixes all strings that I could find.
I do hope it is a simple enough patch, and not too close to RC, that it could make it into 4.3.
Thanks!",xibe,12
20774,Flagging a user with any role on a subsite as spam leads to flagging the site as spam,,Users,3.0,normal,major,Future Release,defect (bug),new,has-patch,2012-05-29T12:25:52Z,2016-09-22T07:25:55Z,"Hi,
Since many weeks, many WangGuard users were contacting me because they say WangGuard were flagging the sub sites as spam.
Thats not a WangGuard bug, is a WordPress issue.
Steps:
- Create a Subsite, you can add the Super Admin like site admin.
- Add a user like subscriber.
- Flag that user as spam in /network/users.php
That site will be flagged as spam although the owner were the Super Admin.
I think WordPress has to look for the user rol and only flag the sub site as spam if the rol is Administrator.
This issue is in WP 3.3.1 and 3.4",j.conti,21
38098,Use common naming for context switching functions / classes,,General,,normal,normal,Awaiting Review,defect (bug),new,,2016-09-19T17:13:08Z,2016-09-22T05:28:13Z,"I'm creating this ticket after discussions in #26511 and #25293. A quick overview:
As we all know, there are `switch_to_blog()` and `restore_current_blog()` to switch between different sites by adding the sites to the global `$_wp_switched_stack` and doing a bunch of other stuff.
Now, #26511 aims to introduce `switch_to_locale()` to do the same for the site's locale. To avoid using (too many) global variables, a `WP_Locale_Switcher` class was suggested. The locale names are stored in a stack as well
#25293 is about improving `switch_to_blog()` and introducing `switch_to_site()` as well as `switch_to_network()`. #37958 suggests using `Network_Sate` objects for the stack instead of simply the blog IDs.
#19572 is somewhat related as well, though I don't think a `switch_to_post()` function makes sense. Fun fact: `WP_Query` was once named `WP_Query_State`, see [1449].
----
Now, I want to suggest using some kind of naming convention for new `WP_Locale_State` and `WP_Site_State` / `WP_Network_State` classes to make things easier for developers. Those essentially do the same thing:
* Switch to a new state
* Add this state to a stack
* Pop an item off the stack
* Pop all items off the stack (#37958)
Solid naming is very important to avoid confusion. As mentioned, there are `switch_to_blog()` and `restore_current_blog()`. #26511 suggests adding `switch_to_locale()` & `restore_previous_locale()`. #19572 suggests `switch_to_post()` and `restore_post()`. Ugh.
The simplest solution for that is to introduce an interface that these new classes would need to implement. Basically something along the lines of this:
{{{#!php
/path/to/your/file
[url] => /url
[subdir] => /2010/05
[basedir] => /path/to/wordpress/wp-content/uploads
[baseurl] => http://example.com/wp-content/uploads
[error] =>
)
}}}
If the [error] field contains empty value then the file won't be uploaded because it checks for the below condition :
{{{
false === $uploads['error']
}}}
",PranaliPatel,
38117,Compatibilityé with live Photos,,Media,,normal,normal,Awaiting Review,feature request,new,,2016-09-20T22:45:51Z,2016-09-20T22:45:51Z,"IOS offers since last year the live pictures. jsuqu'à present they were not visible on the web.
Tumblr offers a tool to be able JS inétgrer these moving images on a site https://github.com/tumblr/laphs
Here's an example (keep pressing the mouse)
https://staff.tumblr.com/post/150686995095/baaaaaaaaaa
it would be nice to integrate the live pictures in articles.",Djibs13,
38116,Introduce is_callable check into apply_filters function to avoid failure of call_user_func_array causing all filters to fail.,,General,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-09-20T21:30:44Z,2016-09-20T21:30:44Z,"Hello,
Just wanted to suggest an improvement for the apply_filters function to avoid failures introduced by custom code or plugins that invalidly set an add_filter without providing the scope or misspelling the function.
Currently if a filter is applied incorrectly... in the case I came across I had a custom plugin which I missed wrapping the array($this,) around the function name. This caused an error in debug for call_user_func_array expecting valid callback. Due to this NULL is returned and all other filters are basically ignored.
Would be nice to do an is_callable check before execution of the call_user_func_array so as to skip any broken add_filters applied. I'd say still log an error so people can troubleshoot and find out why their filter failed, but would be nicer than returning null.
Thank you",garrett-eclipse,
31240,Combine domain and path UI in Add New Site flow,jeremyfelt,Networks and Sites,3.0,normal,normal,Future Release,enhancement,assigned,has-patch,2015-02-05T19:10:46Z,2016-09-20T17:43:26Z,"We're planning on fixing the Edit Site flow in #22383. After that sits for a release, let's change the Add New Site flow to reflect this change as well.",ericlewis,17
13461,Preserve GIF transparency/alpha during thumbnail creation,,Media,2.9,normal,normal,Future Release,defect (bug),new,dev-feedback,2010-05-20T13:23:30Z,2016-09-20T14:17:56Z,"GIF images with transparent backgrounds get thumbnails with black backgrounds.
It was a similar ticket for PNG images in: http://core.trac.wordpress.org/ticket/2805",javitxu123,18
38109,Improvements to user deletion,,Users,4.6.1,normal,normal,Awaiting Review,enhancement,new,,2016-09-20T13:50:32Z,2016-09-20T13:50:32Z,"User deletion in WordPress, at the moment, is not straightforward.
When you click ""delete"" on users who have authored content, you are presented with this ultimatum:
[[Image(https://i.imgur.com/11ex3hz.png)]]
At my company, we build and host WP sites for clients and we almost never make decisions about content. But we do sometimes want to delete users, for instance in the situation where a person who works for a client leaves their position as they have been promoted or left for another job. In that case we would like to be able to delete the user account of that person. But without knowing how to answer the question of which user to assign their content to, we're forced to ask the client to make that decision.
With a view to making it possible for sysadmins to delete users without having to consult with the client, I'd like to propose two solutions:
1. WordPress disassociates user accounts from authorship information (like in the Automattic plugin [https://wordpress.org/plugins/co-authors-plus/ co-authors-plus])
2. WordPress allows deactivating user accounts so that the user can no longer login or reset their password, but the account still exists",tomdxw,
38106,wp_localize_jquery_ui_datepicker() bug,,Script Loader,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-09-20T13:10:55Z,2016-09-20T13:33:08Z,"jQuery UI datepicker widget plugin customisation script has bugs.
To reproduce the bug, simply add a datepicker to the page and Wordpress will format the datepicker with a US date by default, rather than using the config from core.
{{{
$("".date-input"").datepicker({
dateFormat: 'yy-dd-mm'
});
}}}
I have fixed the function wp_localize_jquery_ui_datepicker(), please see the following pastebin with the corrected code:
http://pastebin.com/dkxMSNsV
A datepicker within my wordpress theme now shows UK formatted dates since implementing the fix.",jjmpsp,2
38053,register_taxonomy capabilities not taken into account with metabox,,Taxonomy,4.6.1,normal,normal,Awaiting Review,defect (bug),new,,2016-09-14T10:47:35Z,2016-09-20T09:37:32Z,"When registering a new custom taxonomy with register_taxonomy() I use the following capabilities array in the registration:
{{{#!php
array(
'manage_terms' => 'activate_p